Independent Penetration Testing - June 2021

Modified on Wed, 15 Sep, 2021 at 10:23 AM

A penetration test is an interactive security test undertaken to identify security vulnerabilities that are actually exploitable.


In accordance with Wellnomics Security Development Lifecycle (SDLC) Policies and Procedures Independent Penetration Testing is conducted annually on the latest version of Wellnomics SaaS (Wellnomics Risk Management).  This is done to ensure that Wellnomics solutions meets the highest standards for security, and provides customers with confidence that all efforts are carried out to avoid vulnerabilities in Wellnomics solutions.


Independent security specialists, Insomnia Security were engaged to perform a full penetration test on (pre-release) Wellnomics SaaS version 4.5.0  application and API on an Azure hosted server. The initial report found, one high, two medium and 7 low priority issues.


Following the initial test, a regression test was carried out by Insomnia Security, giving time for Wellnomics to evaluate and address the vulnerabilities according to Wellnomics security guidelines.


The regression test confirmed all high and medium security vulnerabilities had been removed from Wellnomics SaaS 4.5.0 Web Application and API on an Azure hosted server.  The version used for the regression test has since been released to clients.  


An official statement from Insomnia Security confirming the Application Security Review above is attached below.


Insomnia Security is a CREST Approved organization and a certified accredited member of CREST International, the Council of Registered Ethical Security Testers.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article