top of page

Successful completion
of a comprehensive penetration testing exercise

This badge was issued to

Learnster AB

Sekurno successfully performed a comprehensive white-box penetration test of the Learnster web and mobile applications, thoroughly assessing both API endpoints and cloud infrastructure. The results highlight Learnster’s strong commitment to maintaining a robust security posture and proactively addressing cybersecurity risks.

Earning Criteria

  • No Critical or High-Level Vulnerabilities
    No vulnerabilities were identified with critical or high severity levels, or they have been successfully remediated or mitigated.


  • No Active or Exploitable Threats
    Final validation confirmed the absence of any active or exploitable threats, ensuring the system was secure at the time of testing.


  • OWASP WSTG Compliance Score > 90%
    The system demonstrated strong security hygiene by scoring over 90% against the OWASP Web Security Testing Guide (WSTG), covering key areas such as authentication, access control, and input validation.

Methodology

  • Penetration Testing Execution Standard - an innovative penetration testing methodology being developed by the group of world leading penetration testing, security audit, and social engineering professionals.


  • OWASP Web Security Testing Guide - a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers all over the world.


  • OWASP Threat Modelling Process - a structured guide to application threat modeling that enables teams to identify, quantify, and address the security risks associated with an application.

Security checks
OWASP WSTG categories 


✔️ Information Gathering 

✔️ Configuration Testing 

✔️ Identity Management Testing 

✔️ Authentication Testing 

✔️ Authorization Testing 

✔️ Session Management Testing 

✔️ Input Validation Testing 

✔️ Error Handling 

✔️ Cryptography 

✔️ Business Logic Testing 

✔️ Client Side Testing 

✔️ API Testing 


* ✔️ status means no critical high vulnerabilities associated with the category.

Validity

Issued

Nov 27, 2025

Expires

Nov 27, 2026

bottom of page