Security Audit 2023 by Trovent
At Psono, we take security very seriously and are committed to safeguarding our users' passwords. As part of our continuous effort to enhance Psono's security, we conduct annual audits. In the beginning of 2023, Trovent Security GmbH performed a thorough audit focusing on headers and web security best practices, such as:
- SQL injection
- Broken authentication
- Broken access control
- Sensitive data exposure
- Cross-site scripting (XSS)
- File inclusion
- Insecure direct object references (IDOR)
- Cross-site request forgery (CSRF)
During their penetration test of the Psono web application, Trovent Security GmbH discovered two security vulnerabilities. These issues were not related to the common vulnerabilities listed above but were instead tied to the configuration of the web application or web server. One vulnerability was rated as MEDIUM risk, while the other was rated as NONE.
"No vulnerabilities were found in the Psono web application itself."
The full security report can be accessed here.
We are incredibly grateful to Trovent for their expertise and dedication. Their hard work ensures we can rest easy at night!
