- API Penetration Testing

Press release: launches white-label Kubernetes, mobile and cloud penetration testing services

Proven Dutch IT company is launching its white-label API, Mobile and Kubernetes Penetration Testing worldwide (remote) available offerings to help clients resolve their API, Mobile and Kubernetes security challenges fairly and professionally.

"We have proven our business model and expertise during the last years and scaled up efforts to come up with industrial solutions for clients of distributors and value-added resellers. We enable distributors and value-added resellers to start to tackle modern cloud-native security challenges for their clients – users of Kubernetes, Android, iOS, and API tech – preserve financial institutions' reputation, protect patient's data in healthcare, defend intellectual property, and enable digital services, among other things," said Alex Bodryk, Managing director of the company and Certified Information Systems Auditor (Certificate #13109090).

Cyberlands said it maintains a laser focus on API Penetration Testing and related disciplines – Mobile and Kubernetes Penetration testing, as it offered services to beef up security testing to uncover vulnerabilities, threats, and risks that an attacker could exploit in software and web applications and container orchestration networks.

Interested resellers and distributors can verify expertise on Gartner and Clutch review platforms. For now, supports English, French, Deutsch, Russian, and Ukrainian speaking customers with its local reps in the US, UK, Germany, Netherlands, Ukraine, and Kazakhstan.

An API pentest is a mix of API schema review and black-box API Security Assessment mimicking a real attacker.

"It is important to include in scope Web Penetration Testing, where we exploit various functions of a web site – file uploads, input forms, and others. Because we utilize multiple automated tools, we provide the service quickly and at a reasonable cost," the representative said.

In Web Penetration Testing, Cyberlands said it looks for injection vulnerabilities, errors in access rights, broken authentication, and sensitive data exposure — covering modern standards like OWASP TOP-10 Threats for Web. Cyberlands said this service is an important add-on to API Penetration Testing.

It also provides API Schema Analysis, allowing its experts to find authorization and authentication errors within API Schema that leave sensitive data exposed to the web, as well as an API Security Assessment.

Cyberlands clients can also tap the firm's white-label pentest, which provides baseline security standards for technology and applications. Kubernetes pentest is also on top of its primary services.

"In cloud-native reality, pentest makes its way as a security assessment where we audit Kubernetes users, API limits, authentication, and other Kubernetes policies making sure your team could deploy and run code securely," the representative said.

With mobile apps becoming a top delivery channel for digital services and content, Cyberlands also launched its Mobile penetration testing focusing directly on the mobile app.

In Android Penetration Testing, Cyberlands said its team of experts checks how a mobile app protects itself, stores secrets, and which libraries it employs. Experts look for gaps in business logic that introduce a risk for your security and helps a client's team with remediation — by advising what security settings are required to mitigate the risk.

"Meanwhile, in the iOS Penetration Testing, Cyberlands experts take a look at your mobile app from a hacker perspective, test how it counters Jailbreak, or discovers any emulation. We strip SSL Pinning to target API further," the representative said.

Cyberlands said it also provides Mobile Reverse Engineering, wherein it performs reverse engineering of the mobile apps. It counters its encryption and obfuscation controls and discovers all its contents mimicking determined and advanced adversaries. Team