Secure Sense usually starts the security audit by collecting information about the targets within the defined scope. This information is used to determine the attack vector that is appropriate for this particular web application(s) and underlying technology.

The tests within the security audit are generally performed manually and supported by automated tools. We believe that this results in better test results because the security audit direction can be directly adapted to the situation. If automated tools are used, we will always manually verify the findings to minimize the chance of false positives.