binapp

Binary Application Security Testing is similar in many respects to web-based application security testing except that a precompiled ‘binary’ piece of software is used by the client. Our Binary Application Security Testing service is ideal for customers who have to run third-party binaries on their systems, or for software developers looking for assurance regarding their fat-client or binary applications.

Mandalorian conduct Binary Application Security Testing for clients across a variety of sectors using technologies of all shapes and sizes. Our consultants, in addition to being familiar with common web technologies and vulnerabilities, also test more obscure platforms. They have particular expertise with the following technologies:

  • .NET MSIL Assemblies
  • ELF, COFF and PE binaries
  • Windows, Windows Embedded
  • Client/Server and P2P Systems
  • Embedded hardware
  • Linux, Android
  • Java, C/++
  • Silverlight, Air
  • iOS, BlackBerry

And many more.

The Mandalorian Approach

Following an initial scoping meeting or call, we provide a fully scoped quote for your Binary Application Security Test. Our consultants perform the work in accordance with the agreed scope. Once the test is complete, our consultants produce a report containing a high level executive summary, detailed technical section and appendices for any relevant observations requiring further detail.

Typical Findings

While every Binary Application Security Test is different, our consultants often find similar classes of vulnerabilities across tests, as well as those not represented or more suited to the Common Weaknesses Enumeration (CWE) project. Common findings identified in Binary Application Security Tests include:

  • Input validation weaknesses
  • Application logic flaws
  • Hardcoded credentials in client or firmware
  • Memory management/corruption vulnerabilities
  • Poor cryptography practices
  • Authorisation and authentication weaknesses

Why Choose Mandalorian?

At Mandalorian we deliver binary application security testing across a variety of platforms and configurations for everything from simple monitoring applications to critical avionics systems. Our team work with our customers to provide a combination of high value services, consistency across engagements, and incredible support.

Next Steps

Call us now on 01256 830 146 or give us a few details about when your next health check is due and how we can help and we’ll get back to you asap.