home

HOME

about

ABOUT US

services

SERVICES

others menu

OTHERS

close

ENSURING UNCOMPROMISED SECURITY,

through meticulous penetration testing for your web and mobile applications!

LOGIQUE'S PENETRATION TEST

page-quality
High Quality

CEH certificated Security professionals are in charge, so assessment and reporting quality is guaranteed. Our clients ask us to assess the system / web / app repeatedly (periodically).

CEH certificated Security professionals are in charge, so quality is guaranteed.

money
Resonable Price

We are confident that our pricing is highly competitive compared to other companies that perform manual testing. Considering the cost of security incidents, it is a cost-effective investment for prevention (Security Penetration Test).

Confident that our pricing is highly competitive compared to other companies.

calender
Quick Delivery

We can deliver a vulnerability assessment report in a week at the shortest. However, it usually takes a long time for our client to review the report or fix the vulnerabilities.

Can deliver a vulnerability assessment report in a week at the shortest.

WHAT LOGIQUE'S STANDARD PENETRATION TEST SCOPE COVERS

web
Top 10 OWASP Website

An IT system / web application usually comes with a variety of important data, making a data leakage critically undesirable. Logique’s penetration testing services will overcome this, our IT security experts will determine the scope of the test and conduct a comprehensive assessment. To fix the vulnerability, LOGIQUE can also properly introduce you to an IT development company that can handle it.

web
Top 10 OWASP Mobile App

Mobile/smartphone penetration testing serves to review the mobile app’s level of security vulnerability in a mobile application (Android/iOS). Mobile app penetration tests can also include tests for web APIs.

web
Top 10 OWASP Infrastructure

Infrastructure penetration testing is carried out in order to identify any existing security vulnerabilities in regards to critical network infrastructure within the company. The scope of this penetration test is limited to testing servers, routers, workstations, and the cloud. The testing process can also be done remotely or on-site.

LOGIQUE Digital Indonesia Upholds World-Class Standards Regarding its Pentest Services.

In carrying out the penetration testing (pentest) process, LOGIQUE is supported by a team of experienced Pentesters who hold CEH (Certified Ethical Hacker) and CSCU (Certified Secure Computer User) certifications from the EC-Council, so there is no need to doubt our capabilities.

Why should you choose Logique Digital Indonesia to pentest your system?

Logique Digital Indonesia has experienced testers specifically trained in finding security loopholes present in a wide variety of websites and applications. In carrying out these necessary security tests, Logique Digital Indonesia's professional team of pentesters will always apply a certain level of operational standards used internationally, by all pentesters around the world. If needed, Logique Digital Indonesia can also conduct penetration tests on the spot, where the IT security team will come to the company and conduct tests directly.

The entire security team at LOGIQUE also possesses certificates; their capabilities are unquestionable. Here are the various certifications we have:

  • CEH (Certified Ethical Hacker)
  • CSCU (Certified Secure Computer User) from EC-Councill
  • Certified Pentesting Expert - Global Tech Council
  • Certified White Hat Hacker - Global Tech Council
  • NSE (Network Security Expert)
  • CSFPC (Cyber Security Foundation Professional Certificate)
  • CNSS (Certified Network Security Specialist)
  • BCIS (Brainbench Certified Internet Security)

What method does Logique Digital Indonesia use in conducting pentests?

In conducting pentests, Logique Digital Indonesia has 3 methods that can be used, including:

close icon
This technique is based on certain key details of the application being tested, such as the appearance of the application, the functions contained within the application, and the adjustment of the functions of the application to the business desired by the customer. This test is carried out without looking at and testing the source code of the program within the application.
This is a technique based on certain detailed and logical procedures of a program’s code. In this method, the tester will look at the entire source code of a program to locate bugs from the program’s code.
This is a technique derived from a combination of both the Black Box and White Box techniques. Tis procedure involves the pentester engaging the application based on certain specifications, but uses the way it works from within the application aka the source code program.
Stages
What are the stages of LOGIQUE'S penetration testing procedures?

Logique Digital Indonesia uses international penetration testing standards as a reference for implementation in conducting tests, including:

Step 1
1. Reconnaissance
Step 2
2. Scanning
Step 3
3. Gaining Access
Step 4
4. Maintaining Access
Step 5
5. Covering Tracks

LOGIQUE DIGITAL INDONESIA'S EXPERIENCE IN CONDUCTING PENETRATION TESTING

Logique Digital Indonesia is very experienced in conducting security assessments. We have conducted penetration tests for government websites and a number of companies in various industrial fields ranging from fintech, e-commerce, automotive, and many more.

During penetration testing for various companies, we have found some security loopholes or bugs so that patches or patches can be done immediately. Some of the bugs we have found such as:

  • Injection
  • Cross-Site Scripting (XSS)
  • Sensitif data exposure
  • Security misconfiguration
  • Broken access control, etc.

LOGIQUE Assesment Flow

Assesment Flow
Penetration Testing By LOGIQUE
Select Year
2019
2020
2021
2022
2023
Time Industry Object of Assesment Found Problems (Risk Level)
High Middle Low
Sep - Oct 2019 Travel Web app 5 4 2
Sep - Oct 2019 Media Online Media 8 0 3
Sep - Oct 2019 Entrainment Network infrastructure 4 2 1
Sep - Oct 2019 E-commerce Market Place Web 8 4 4
Oct 2019 E-commerce PWA 4 3 0
Oct - Nov 2019 Forwarding Website company profile 5 5 3
Oct - Nov 2019 E-commerce Web app 6 0 2
Oct - Nov 2019 E-commerce Web app 2 2 1
Oct - Dec 2019 E-commerce Web app 53 1 0
Nov - Dec 2019 E-commerce Mobile app for Android 2 2 2
Nov - Dec 2019 E-commerce E-commerce 3 2 2
Nov - Dec 2019 E-commerce E-commerce 2 2 1
Nov 2019 Fintech Web app 1 2 3
Nov 2019 Fintech Mobile app for IOS and Android 2 4 2
Dec 2019 Finance Corporate Web 2 1 4
Dec 2019 Automotive Corporate Web 4 0 2
Dec 2019 Service Member web 3 4 3
Time Industry Object of Assesment Found Problems (Risk Level)
High Middle Low
Jan 2020 Fintech Web App 0 2 0
Jan 2020 Fintech Mobile App 1 8 1
Jan 2020 Fintech Network Infrastructure 0 3 0
Feb 2020 Automotive Network Infrastructure 0 0 1
Feb 2020 Service Web App 0 4 1
Feb 2020 Mobilephone Provider Web App 1 10 2
Mar 2020 Airline Web App 0 4 1
Mar 2020 Financial Planner Web App 4 1 2
Mar 2020 Travel Web App 5 4 2
Apr 2020 Service Network Infrastructure 0 1 2
Apr 2020 Service Web App 0 1 3
May 2020 Insurance Web App 4 4 1
May 2020 Insurance Network Infrastructure 0 2 3
Jun 2020 Pharmacies Web App 0 2 0
Jun 2020 Fintech Web App 5 0 0
Sep 2020 Fintech Web App 0 4 2
Oct 2020 Agriculture Network Infrastructure 0 5 1
Time Industry Object of Assesment Found Problems (Risk Level)
High Middle Low
Jan 2021 Automotive Website 1 2 0
Jan 2021 Financial Corporate Web 0 4 2
Feb 2021 Automotive Internal Web System 0 4 2
Feb 2021 Retail Business Mobile App 0 2 3
Feb 2021 E-Learning Web App 0 5 8
Jun 2021 Insurance Web App 0 4 4
Sep 2021 E-commerce Web App 3 2 8
Sep 2021 Public Institution Web System 1 0 5
Oct 2021 Research Company Website 2 1 3
Nov 2021 Food Porducer Web App 0 4 3
Nov 2021 Manufacture Corporate Web 0 3 4
Time Industry Object of Assesment Found Problems (Risk Level)
High Middle Low
Jan 2022 Marketing Agency Corporate Web 0 2 1
Jan 2022 Online media Web app 2 2 3
Jan 2022 Medical Startup Web App 0 2 7
Feb 2022 Manufacture Mobile App 3 1 4
Mar 2022 Automotive Service Web 0 2 2
Mar 2022 Marketing Agency Web App 3 3 5
Apr 2022 Service Mobile App 1 2 4
May 2022 Sier Corporate Web 2 0 2
Jun 2022 Insurance Mobile App 1 2 4
Jun 2022 Fintech Startup Mobile App 1 5 3
Jun 2022 Food Manufacture Web system 1 2 1
Jun 2022 Public Institution Web system 2 4 4
Jun 2022 HR Agency Web App 0 4 4
Jul 2022 Automotive Website 0 3 3
Jul 2022 Retail Website 0 2 5
Jul 2022 Manufacturer Network 0 2 2
Aug 2022 Fintech Startup Mobile App 1 1 4
Aug 2022 Travel Web App 2 2 3
Sep 2022 E-Commerce Web App 4 1 4
Sep 2022 E-Commerce Network Infrastructure 2 1 1
Oct 2022 Online media Web App 1 4 1
Oct 2022 E-Commerce Mobile App 1 2 2
Oct 2022 Manufacturer Network Infrastructure 1 0 1
Nov 2022 Financial Website 0 2 2
Nov 2022 Medical Website 1 4 4
Nov 2022 Manufacturer IT System 6 8 12
Dec 2022 E-Commerce Mobile App 2 2 3
Dec 2022 IT Service Website 1 2 4
Time Industry Object of Assesment Found Problems (Risk Level)
High Middle Low
Jan 2023 Financial Website 1 3 3
Jan 2023 Financial API 1 1 1
Jan 2023 Fintech Startup Network Infrastructure 0 2 2
Jan 2023 Insurance Web App 1 5 2
Feb 2023 Traiding Network Infrastructure 2 3 4
Feb 2023 Traiding IT System 8 17 10
Feb 2023 Food Web App 2 2 3
Feb 2023 Food API 1 1 4
Feb 2023 IT Service Website 1 4 1
Mar 2023 Service Web App 2 1 6
Mar 2023 BPO Network Infrastructure 2 5 7
Mar 2023 Real Estate Website 1 3 3
Mar 2023 Real Estate API 0 1 2
Mar 2023 Service Website 0 2 3
Apr 2023 Saas Web App 2 6 4
Apr 2023 Consulting Website 1 4 2
Apr 2023 Transportation IT System 5 4 11
Apr 2023 IT Service Mobile App 1 3 3
Apr 2023 IT Service Web App 1 2 4
Jun 2023 Public Sector Website 1 1 3
Jun 2023 Market Place Web App 4 3 8
Jun 2023 Financial Mobile App 1 6 4
Jul 2023 Automotive Website 3 2 8
Jul 2023 Automotive Mobile App 5 5 8
Jul 2023 Financial Network Infrastructure 0 2 2
Jul 2023 IT Service Website 0 1 3
Jul 2023 Real Estate Mobile App 4 8 8
Aug 2023 Online Platform Web App 5 7 8
Aug 2023 Fintech Startup Mobile App 1 4 3
Aug 2023 Automotive IT System 2 4 5
Aug 2023 Real Estate Website 1 3 4

Our clients

The following shows a partial list of companies that have entrusted Logique Digital Indonesia with their penetration testing process:

Alo dokter
assa
migo
indokoala
ptgasi
softorb
yamaha
pacto
PUPR
hk
mpc
sumitomo
paramount
BOT Finance
Sample Report

We set 3 Levels of Security Risk

In providing this service, we will offer reports within a format that is easy to understand. The assessment of cyber security vulnerabilities will also be classified into 3 levels, namely High Risk (high), Medium Risk (medium), and Low Risk (low). The level of existing security risk will thereby refer to the overall impact it can potentially have on the business, either in terms of your business’ economy, reputation, or in regards to the possibility that the impact could arise in the near future.

3 Levels of Security Risk
High Risk If any high-risk vulnerabilities are revealed, this can cause dire consequences in the form of reputational damage, financial losses and thereby contribute to critically serious damage on your business’ continuity.Examples of these vulnerabilities include: SQL Injection, Remote Code Execution, RFI/LFI, Broken Access Control, Hard Coded Sensitive Data, Subdomain Takeover, bypassable OTP verification process, etc.
Middle Risk Moderate-risk vulnerabilities can have a devastating impact on your business, but will not commonly cause fatal repercussions for the company overall. Examples of these vulnerabilities can include: Sensitive information disclosure, open redirect, no rate limit, improper error handling, directory listing is enabled, etc.
Low Risk These include security vulnerabilities that could cause a minor impact on the targeted system. Examples of vulnerability findings: Unsecured cookie attributes and HttpOnly, leaked web server technology, information disclosure – ASP.NET Debug method Enabled, misconfigured cross origin resource sharing (CORS), weak password policy, etc.

FAQ

plus icon
The entire LOGIQUE security team has been CERTIFIED CEH (Certified Ethical Hacker) and CSCU (Certified Secure Computer User) from EC-Coucil.
In testing the system, it depends on the scope. However, it generally takes 1 week.
The standard applied by the LOGIQUE security team is based on OWASP (Open Web Application Security Project).
By doing a pentest, you will get an idea of how strong your system's defenses are in the face of cybercrime and various other intrusions.
When testing any specific system, starting from the initial stage (preparation), testing stage (assessment) to the reporting stage (reporting), LOGIQUE offers prices starting from Rp. 15 million, depending on the type of application or system to be reviewed. In order to learn more, you can directly contact us by email to info@logique.co.id or at the telephone number (021) 227 089 35/36 or via WhatsApp message at 0811-870-321.
Before testing the system, the client only needs to explain the system processes that occur. You can also submit other supporting data if needed.
No, we only use automated tools when scanning. Meanwhile, for penetration testing, the LOGIQUE security team uses a manual method during the testing process.
Vulnerability Assessment test or VA test rely on automated tools in order to scan the more obvious vulnerabilities; often these tools are rudimentary in nature, thereby disallowing such methods from conducting a thorough inspection.
In whitebox testing, the pentester will get full access to the tested system so that it can perform static analysis of various things, such as code, architecture analysis and others. As for the blackbox, the pentester will play a role like a hacker who will attack from outside and try to enter the system using the minimum possible initial information.

Please contact LOGIQUE for more information about Penetration Testing Service