Mothax is an application security testing company who specialises in Web applications and Web APIs. Using open standards to measure your assets against and provide clear and detailed reports to help you recreate vulnerabilities, prioritise effort and mitigate risk.

Web application testing

Web application testing

  • Over 20 years’ experience testing everything from simple marketing websites to full banking platforms.
  • Working with most common web technologies including the latest cloud platforms, authentication services and databases.
  • Flexible testing approaches targeting test instances or production systems with minimized impact.
  • Linking findings to the OWASP Application Security Verification Standard (ASVS) and other authoritative references.
Web api testing

Web api testing

  • SOAP and REST services based on most common technology stacks.
  • Context sensitive testing and reporting for API’s supporting mobile or browser-based apps.
  • Automating key tasks from your Postman or Swagger specs for maximum efficiency.
  • Linking findings to the OWASP API top-ten and other authoritative references.
Cloud security audit

Cloud security audit

  • Ensure cloud user accounts are appropriately secured with strong authentication
  • Prevent data leaks from misconfigured storage containers or API services
  • Audit access control lists that protect sensitive network services and isolate back-end systems
  • Confirm audit logging is enabled to help spot account misuse and manage incidents effectively