MovieStarPlanet 2 is a social fashion game based on mobile and browser for younger audiences. We were contracted to conduct penetration testing over a two-week period. We conducted this testing under our Grey Box testing services.
We looked to ensure its security across both iOS and Android, as well as modern browsers. We tested for a full spread of vulnerabilities including:
- Business logic flaws
- Access control flaws
- Session management issues
- HTML injection issues
- Denial of service threats
- Open redirections
- Frame injection points
We discovered nearly forty security flaws, of which the development team deemed sixteen as critical. We delivered a comprehensive report of our findings, including solutions for these issues, which the development team used. The vulnerabilities were secured in a matter of weeks to the best practice security principles.
“Discovering these issues early has probably saved us a ton of dollars and headaches fighting hackers and corrupted data. We were really impressed by the skills Cyrex proved to hold. We hire people to create stuff and creators don’t necessarily have that “criminal mind-set” that Cyrex clearly do. We will continue to work with Cyrex in the future, simply because it’s a good business case with a great ROI.”
Caspar Strandbygaard, CTO