Skip Header
Imagebild Penetrationstests für mehr App-Sicherheit für Cap3 von team neusta

Strengthening App Security: How Targeted Penetration Tests Minimize Risks and Improve Quality

For the health app developed by Cap3, we conducted a comprehensive security analysis, including an external penetration test. In the process, we identified vulnerabilities, provided specific recommendations for action, and further refined our testing methodology for mobile applications.

Shortcuts to the project

Cap3 GmbH, based in Kiel, develops web and mobile applications for various industries. For a health app developed by Cap3, we conducted a comprehensive security analysis, including an external penetration test. Based on the security report, we identified specific vulnerabilities and formulated recommendations to strengthen security measures early in the development process going forward. The results were immediately incorporated into the app’s further development—and laid the foundation for a trusting, ongoing collaboration.

Our Project Approach

  1. 1

    Planning and Understanding System Architecture

    Together with Cap3, we first defined the scope of the audit and gained a clear understanding of the app’s architecture and functionality. This allowed us to lay the foundation for a targeted and effective security analysis.

  2. 2

    Automated Risk Detection

    Using specialized tools, we performed an automated code and logic analysis. This allowed us to identify and prioritize potential vulnerabilities early on.

  3. 3

    Field tests under real-world conditions

    In manual tests, we verified the results and simulated targeted attacks—such as by bypassing verification measures or manipulating communication channels. This allowed us to gain realistic insights into the actual threat potential.

  4. 4

    Analysis and Recommendations for Action

    We compiled all the results into a clearly structured security report. In it, we assessed risks, documented vulnerabilities, and provided specific recommendations on how Cap3 can make the app even more secure in the future. We discussed these recommendations together during the final workshop.

Sustainable App Security Through Precise Analysis and Optimized Testing Methods

The app we tested featured an exceptionally secure communication architecture that could not be fully verified using standard analysis tools. Thanks to test endpoints specifically provided by Cap3, we were nevertheless able to conduct the security analysis efficiently and accurately.
Since mobile applications entail specific security requirements, we specifically refined our testing methodology during the project and have since fully professionalized it. The result was a detailed security report containing technical descriptions, risk assessments, and clear recommendations for addressing the identified vulnerabilities.
Today, we regularly support Cap3 in securing new releases—as a trusted partner for sustainable application security.

To the original report

Contact us if you want to specifically strengthen the security of your applications and minimize risks in the long term.

Philip Keil Portrait

Philip Keil

Title: IT-Security