ETHICAL HACKING & PENETRATION TESTING
APPLICATION SECURITY TESTING
Your website, web applications, APIs, and mobile platforms are on the front lines of security attacks from Internet-based attackers.
Meditology's certified penetration testing team has decades of experience performing web application security testing to identify technical and logical security weaknesses for healthcare technology devices and platforms.
OUR APPLICATION SECURITY TESTING SERVICES INCLUDE:
Web Application Security
Meditology’s web application security testing includes a deep dive analysis of potential security weaknesses of your website and web applications that could allow an attacker unauthorized access to the network or sensitive information. We have extensive experience testing cloud hosted and locally hosted web applications to identify and fix security weaknesses in time to prevent irreparable breach events.
API & FHIR Testing
The 21st Century Cures Act has led to the development of Application Programming Interfaces (APIs) to connect EHR platforms with third-party apps and platforms. The new APIs leverage the FHIR development standard. Meditology’s penetration testing services for APIs are designed to identify security exposures that could lead to a material security breach of your systems.
Mobile Application Testing
The digital health renaissance has led to the movement of PHI and other sensitive information to staggering volume of new and innovative mobile technologies. Our mobile application testing services provide a thorough technical assessment of your mobile applications to identify potential security vulnerabilities or misconfigurations that could lead to a material breach of your critical systems and regulated patient information.
Dynamic and Static Code Analysis
Our static code analysis provides an offline security review of source code for your key applications to identify and remediate security exposures before they get deployed in production environments. Our team uses industry standard commercial static code analysis tools to facilitate our testing and analysis.
Desktop Application Security Assessments
Meditology’s desktop application assessment service is designed to identify security weaknesses, vulnerabilities, and misconfigurations in desktop-hosted apps that could lead to a breach of your systems and sensitive information.
WHAT SETS MEDITOLOGY APART
- Decades of experience hacking healthcare organizations
- Safe testing methods to protect patient safety
- Identify vulnerabilities common to the healthcare industry
- Findings mapped for compliance with HIPAA, HITECH, PCI-DSS, & NIST
- Aligned with industry standards like MITRE, OWASP, and OSSTMM
- Advisors to ONC / HHS on ethical hacking
- Comprehensive testing and reporting:
- Multiple avenues of attack and entry
- Manual testing from our highly specialized and certified team
- Robust reporting with tech detail and terminology the business can understand