Ruby on Rails Application Penetration Test

Scheduling APIs SaaS Provider

The Client

Technology firm providing scheduling APIs via its Rails-based SaaS platform.

The Challenge

The client requires bi-annual penetration testing of their service.

Our Solution

4ARMED provided a specialist application security tester with domain expertise in API-driven platforms. Application security test-cases were built out from Postman collections to fully explore the API functionality.

Rails provided significant security out of the box and code quality was found to be high but a number of novel edge-case issues were identified that our client was pleased to be able to address.

Further follow-up work has since been conducted including vulnerability scanning, wider consultancy and a review of their Kubernetes-based infrastructure on AWS.

Great communication and overall professionalism. Found several things that previous penetration tests by other companies did not uncover.

Garry, CTO

Related Services


Next Steps

Could your business benefit from an engagement like this? Want to discuss your requirements further? Give us a call or complete the contact form below to tell us about your requirements and we will work with you to find the best solution for you.