Case Study: Andromeda Systems – Mobile App Pentest with Reverse Engineering

Client:

Andromeda Systems — a company specializing in the development of mobile and web applications, RPA, and AI services

Industry:

Software Development

Focus:

Securing applications that interact with client systems and handle sensitive data

Main challenge:

Identifying critical vulnerabilities in the app before release to prevent system compromise and data leakage

Market:

International

Services provided:

reverse engineering, full grey-box pentest using SAST, DAST

Key Takeaways

Conducted a grey-box app pentest using SAST, DAST, and reverse engineering

Identified critical vulnerabilities that could have led to data leaks; improved resilience to attacks

Delivered a final report with security enhancement recommendations to be implemented in future releases

100%

coverage of critical security elements

weeks instead of the planned 3 — project duration

IPO file

fully analyzed for vulnerabilities

Case Study: Andromeda Systems – Mobile App Pentest with Reverse Engineering

May 10, 2025

14 min

Is the app secure enough before release? Andromeda Systems reached out for a comprehensive security assessment of their product. In just 2 weeks, Datami performed a grey-box pentest, analyzed the IPO file, conducted reverse engineering, and discovered critical vulnerabilities. As a result, the client received detailed recommendations and significantly enhanced the mobile app's cybersecurity.

Andromeda Systems is a mid-sized IT company specializing in the development of mobile and web applications, as well as the implementation of solutions based on RPA and artificial intelligence. The company’s products help clients automate business processes.

For Andromeda, information security is a strategic priority, as even a single vulnerability in an application can lead to the leakage of sensitive data, posing reputational risks and potential financial losses.

Objectives and challenges

Andromeda Systems planned to perform a security assessment either before or shortly after the release of its mobile application. The client wanted to ensure that the product did not contain critical flaws that could pose security threats.

The goal of the project was to identify potential threats, assess risk levels, and provide practical recommendations to enhance cyber resilience.

Conduct a full grey-box pentest using SAST, DAST, and reverse engineering
Analyze the application's IPO file and related components
Identify vulnerabilities, assess their severity, and provide reports with recommendations

Penetration testing

Grey-box pentest using SAST, DAST, and reverse engineering

IPO file and components

Security analysis of the app’s IPO file and related components

Report and recommendations

Final report with identified risks and recommendations

Datami Methodology: Security Assessment for Andromeda Systems

Our approach

Datami conducted a comprehensive security assessment of the Andromeda Systems mobile application, focusing on the analysis of the IPO file, internal components, and service logic.

The core method was a grey-box pentest. We combined static (SAST) and dynamic (DAST) analysis with reverse engineering, which allowed us to uncover non-standard threats.

Testing was performed both manually and using specialized tools, providing a complete picture of the application’s security posture.

Despite limited input data, the team identified critical threats and provided actionable recommendations to enhance cybersecurity.

Gray-box

The testing was conducted with partial access to internal data, enabling realistic attack simulations and identification of system weaknesses without being overly invasive.

Key project stages and solutions

As part of the project, Datami conducted a thorough technical assessment of Andromeda’s mobile application, tailoring the approach to the architecture specifics and the characteristics of the provided IPO file.

The main focus was on analyzing security components, including reverse engineering, SAST, DAST, and the verification of application logic.

Preparation

Assessment of the available information, clarification of technical parameters, and development of a testing plan tailored to the mobile environment.
Pentesting execution

Grey-box penetration testing with SAST/DAST analyses, reverse engineering of the IPO file, and both manual and automated checks of logic, authorization, and data processing.
Analysis and reporting

Documentation of identified vulnerabilities, formulation of recommendations, and delivery of a detailed security assessment report.

Fewer critical risks — more confidence

Results and recommendations

At the start of the project, the Andromeda application required an in-depth security assessment due to the potential for critical vulnerabilities in data processing logic, authorization, and API interactions.
During the grey-box pentest, which included elements of reverse engineering, the Datami team identified several security issues, including critical and medium-level vulnerabilities that could have led to the leakage of confidential information.

The recommendations covered:

Improving authorization logic and input validation
Enhancing error handling and protection against API misuse
Implementing regular technical audits and pre-release testing
Scheduling periodic technical calls to align security priorities

As a result of the testing, the system became significantly more resilient to attacks, the overall risk level was substantially reduced, and the client received a structured report with actionable next steps.

The project was successfully completed within the planned 2-week timeframe — faster than the industry average. The recommendations provided formed the basis for further improvements in the company’s cybersecurity processes.

Key project takeaways

Thanks to Datami’s testing, Andromeda Systems significantly enhanced the security of its mobile application within just two weeks.

The client gained a clear view of existing threats, achieved a reduced risk level, and received a well-defined action plan for ongoing improvements.

This case study demonstrated that tech companies developing complex digital products require regular security assessments to minimize financial risks and maintain customer trust.

Aspect

Before the project

After implementation

Security posture

High risk of data leakage and unauthorized access due to lack of application testing

Data leakage and access risks significantly reduced after pentesting

Critical vulnerabilities

Potential compromise due to unhandled authorization and validation scenarios

Critical vulnerabilities identified; protection recommendations provided

Access risks

Possibility of unauthorized user access or actions within the system

Recommendations implemented to strengthen access control and logic

Security compliance

Partial compliance with internal policies and practices

Overall compliance with security requirements improved

Timeline

Typical duration for similar projects exceeds 3 weeks

Project completed faster — in just 2 weeks

Case Study Grindset Software: Payment System Pentest for PCI DSS Compliance

Conducted a black-box penetration test of critical payment system components
Discovered 15 vulnerabilities; 5 critical issues were resolved within 48 hours

Services provided:

Black-box penetration testing of the payment system, including assessment of web applications, servers, databases, and communication channels

May 11, 2025

Case Study: DAVITOO UKRAINE – LMS Security Testing Before HIPAA Certification

Completed a full security audit and gray-box penetration test of LMS Collaborator
Identified 15 vulnerabilities, including 5 critical issues, resolved within 24 hours

Services provided:

Gray-box penetration testing and security audit of the web platform, containerized environments, and network interactions

May 11, 2025

BookingSync Case Study: API Pentest for Personal Data Protection

Conducted a gray-box pentest of API endpoints
Identified several low-level vulnerabilities

Services provided:

Gray-box API pentest using Burp Suite API Scan and manual testing methods

May 11, 2025

Back to home page

Datami articles

What Do You Need to Know About External Network Penetration Testing?

Oleksandr Filipov: Security engineer at Datami, author of articles

What Do You Need to Know About External Network Penetration Testing?

Find out what External Network Penetration Testing is and what determines its cost. Review its benefits, stages, duration, and key approaches.

May 23, 2025

Internal Network Penetration Testing: Identify Vulnerabilities Before Attackers Do

Oleksandr Filipov: Security engineer at Datami, author of articles

Internal Network Penetration Testing: Identify Vulnerabilities Before Attackers Do

Learn what an Internal Network Penetration Test is and how to prepare for it. Discover the meaning, stages, and challenges of conducting an Internal Network Pen Testing.

May 8, 2025

Network Penetration Testing: What Is It?

Oleksandr Filipov: Security engineer at Datami, author of articles

Network Penetration Testing: What Is It?

What is network penetration testing? Learn more about the approaches and types of network pentests, the key stages, and the outcomes of a network penetration test.

May 1, 2025

Show all articles

Order a free consulidation

On this page you will learn what cookies are and how and when we use them. Definition of the term Cookies Cookies are pieces of data that a web server generates and that a website stores on your user device (computer, smartphone, tablet, etc.). Each website or third-party service sends cookies to the browser installed on your device only if your browser allows it. This is possible if you have not set any restrictions in your browser settings to save cookies. Browsers are a very well thought out technology. They protect personal data and allow websites to access only cookies that were previously sent to them. Cookies are divided into: session cookies. They are stored in the memory of the browser only during your session, after leaving the site immediately removed. permanent. They are stored in the memory of the browser for a long time. Definition of the term “browser” A browser is an application for browsing websites. The most popular browsers are Chrome, Internet Explorer, Firefox and Safari. All listed browsers are safe. In the settings of these browsers, cookies can be easily disabled, as well as change the settings of their work. You can: accept all cookies; ask the browser to notify when cookies are used; do not accept cookies. Cookies on ak1-3.com.ua and how we use them We use cookies to: our site is more functional; to understand how you navigate on the site, what content you consume better, to develop the content strategy of the site; understand how many visits to the site were per day, month, year. Analyze the geographical identity of users of the site, the number of repeated visits and other data. Cookies that we use on our site. Third-party cookies. The buttons of social networks, videos and some other services of our site are the property of other companies. These companies may also use cookies on your device if you have used them on our site or have been previously registered with them. The privacy policy of the use of personal data by these services can be found on the websites of these services. Blocking cookies All browsers allow simple actions to disable cookies. To disable them, you must go to your browser settings and find cookies in them. But we must remember that blocking cookies can have a negative impact on the performance of many websites. How to delete files You can also always delete cookies that are stored on your computer. To do this, follow the instructions of your browser Again, deleting cookies can have a negative effect on the performance of many websites.