2025

Scope of the 2025 Assessment

The 2025 penetration testing engagement included:

Authenticated web application testing of the Self-Service application
Unauthenticated web application testing of the Nano and Service Manager applications
Assessment from the perspective of:
- Unauthenticated internet users
- Standard authenticated users

Testing was performed remotely across multiple phases between September and November 2025, in line with recognised penetration testing methodologies .

361KB

Alemba Unauthenticated and Authenticated Web Applications Penetration Test 2025 Summary Report.pdf

PDF

Open

Assessment Outcomes

The independent assessment provided:

An objective evaluation of application security strengths and weaknesses
A prioritised list of identified findings
Practical remediation guidance aligned with security best practices

All identified findings were reviewed and addressed promptly. At the conclusion of the assessment and retesting cycle:

No critical, high, or medium-severity findings remained
One low-severity finding and two informational items were recorded
The overall final severity rating was assessed as Low

These results demonstrate the effectiveness of our secure development practices and our commitment to timely remediation.

PreviousSecurity Penetration Test Reports NextExample Solutions - Best Practices for a Successful Outcome

Last updated 13 hours ago

Was this helpful?

hashtagScope of the 2025 Assessment

hashtagAssessment Outcomes

Scope of the 2025 Assessment

Assessment Outcomes