Penetration Testing Online Games

Security expertise for any game.

Secure your game

Our penetration testing and cybersecurity services are aimed at creating a safer online environment for your game. Neglecting strong, thoroughly tested, and dependable security measures can leave developers vulnerable to malicious attacks. These vulnerabilities include in-game cheating through game modifications and packet tampering, which may snowball into revenue and customer loss.

With over 20 years of experience in gaming security, our team know exactly what to look for when it comes to testing and pushing the boundaries of your systems’ security.

We bring the mentality of a player and we offer our services to a wide range of genres including FPS, MMOs, and RPGs. As gaming specialists, we have seen and heard it all when it comes to how games can (and will) be attacked in the digital space.

We build our methods and testing packages around the things we learn as both player and security specialist.

Test your game's security against the best

If you'd like to learn more about our testing and the results we deliver, download our free, anonymised security reports.

Penetration testing for your online games

BLACK BOX +

  • Most realistic
  • Hacker perspective
  • No intelligence provided
  • Minimal permissions required

GREY BOX ++

  • Most common
  • Fast reconnaissance
  • All permissions granted
  • Partial documentation provided

WHITE BOX +++

  • Most complete
  • High quality assurance
  • Full source code review
  • Full documentation provided

Building blocks for testing

We believe in the creative power of collaboration. Our teams are at their best when they work in pairs. Our unique pair hacking approach allows us to not only cut testing time for your game in half but to create peer-reviewed and validated quality assurance loops that yield far more in-depth and creative results.

Our in-depth penetration testing will tackle your game security across the board. When it comes to testing, we approach it as both a player and an ethical hacker. We have a deep understanding of several game engines and the typical injection points for malicious actors. Thanks to the combination of our professional and personal experience with gaming, we typically find more than 25 bugs in a test cycle for a pre-release game.

Workflow

1
Passive Phase Reconnaissance

This is where we get to know your game. our teams determine the scope of your project by examining the target system, its architecture, programming languages, and functionalities.

2
Active Phase Target Penetration

Here, we do a deep dive with a full, manual penetration test of your game based on our reconnaissance and previous findings. Often, this process can account for up to 80% of the entire penetration testing cycle!

3
Reporting Debrief & Next Steps

Once the full testing cycle has been completed, we deliver extensive, detailed reports. This covers all system vulnerabilities that we discovered, from small insertion points to major security issues. With this, we can provide the best practice solutions that work with your workflows and processes. We also outline fully the potential risks of each issue and how a malicious agent could exploit them.

Don't just listen to us, find out what our clients and partners have to say

"We were really impressed by the skills Cyrex proved the hold, we hire people to create stuff and creators don't necessarily get that "criminal mindset" that Cyrex clearly do. We will continue to work with Cyrex in the future, simply because it's a good business case with a great ROI."

MovieStarPlanet

"It was a pleasure working with the security team. They are extremely knowledgeable, capable, and very flexible; partnering with us and adjusting processes and communication to suit our needs. We are very much looking forward to an ongoing relationship between our teams."

Mythical

"The security audits are always splendid. With the extensive reporting and risk assessment, our developers can effectively patch vulnerabilities."

Gameforge

"We worked with Cyrex to secure our game and backend, and they were both very professional and very easy to work with! There was very little preparation needed from our side, and the report they presented was useful, in-depth, and easy to use as a blueprint to guide implementation of security hardening."

Sharkmob

Frequently asked questions

A penetration test, or pentest, is an authorized simulated cyberattack on a system or application. It is conducted by our security engineers to evaluate the security present. It is used to test and validate the security maturity of your systems by uncovering, exploiting, and resolving cyber and IT related vulnerabilities.
The cost is based on the functionalities present and you are only charged for what needs to be tested. Get in touch with us to learn more about a testing quote.
1) Pair hacking: We always have at least two security engineers on your project. This ensures that there are no stones left unturned. Thanks to this approach, we can deliver remarkably higher quality results in half the time. This has helped our clients to optimize and manage their budget.

2) Extensive reporting: We offer fully comprehensive reporting including pseudo-code, proof of concept, and risk assessment for quick, thorough fixes.

3) Specialization: We specialize both in software development and application security. What this means is that we think like developers and act like hackers.
We work with any game with an online component – MMORPG, Online FPS, and social games in particular.
1) Black Box: Most realistic
2) Grey Box: Most common
3) White Box: Most complete and recommended