Penetration Testing Online Games
Security expertise for any game.
Secure your game
Our penetration testing and cybersecurity services are aimed at creating a safer online environment for your game. Neglecting strong, thoroughly tested, and dependable security measures can leave developers vulnerable to malicious attacks. These vulnerabilities include in-game cheating through game modifications and packet tampering, which may snowball into revenue and customer loss.
With over 20 years of experience in gaming security, our team know exactly what to look for when it comes to testing and pushing the boundaries of your systems’ security.
We bring the mentality of a player and we offer our services to a wide range of genres including FPS, MMOs, and RPGs. As gaming specialists, we have seen and heard it all when it comes to how games can (and will) be attacked in the digital space.
We build our methods and testing packages around the things we learn as both player and security specialist.
Test your game's security against the best
If you'd like to learn more about our testing and the results we deliver, download our free, anonymised security reports.
Penetration testing for your online games
BLACK BOX +
- Most realistic
- Hacker perspective
- No intelligence provided
- Minimal permissions required
GREY BOX ++
- Most common
- Fast reconnaissance
- All permissions granted
- Partial documentation provided
WHITE BOX +++
- Most complete
- High quality assurance
- Full source code review
- Full documentation provided
Building blocks for testing
We believe in the creative power of collaboration. Our teams are at their best when they work in pairs. Our unique pair hacking approach allows us to not only cut testing time for your game in half but to create peer-reviewed and validated quality assurance loops that yield far more in-depth and creative results.
Our in-depth penetration testing will tackle your game security across the board. When it comes to testing, we approach it as both a player and an ethical hacker. We have a deep understanding of several game engines and the typical injection points for malicious actors. Thanks to the combination of our professional and personal experience with gaming, we typically find more than 25 bugs in a test cycle for a pre-release game.
Workflow
This is where we get to know your game. our teams determine the scope of your project by examining the target system, its architecture, programming languages, and functionalities.
Here, we do a deep dive with a full, manual penetration test of your game based on our reconnaissance and previous findings. Often, this process can account for up to 80% of the entire penetration testing cycle!
Once the full testing cycle has been completed, we deliver extensive, detailed reports. This covers all system vulnerabilities that we discovered, from small insertion points to major security issues. With this, we can provide the best practice solutions that work with your workflows and processes. We also outline fully the potential risks of each issue and how a malicious agent could exploit them.
Don't just listen to us, find out what our clients and partners have to say
"There are two benefits of cooperating with Cyrex - the quality of their work and the quality of cooperation with the team. Space Punks’ audit was thorough and gave us confidence in the security and scalability of the game. The way the team operates is a showcase of great balance between structure and flexibility."
Flying Wild Hog
"It was a pleasure working with the security team. They are extremely knowledgeable, capable, and very flexible; partnering with us and adjusting processes and communication to suit our needs. We are very much looking forward to an ongoing relationship between our teams."
Mythical
"The security audits are always splendid. With the extensive reporting and risk assessment, our developers can effectively patch vulnerabilities."
Gameforge
"We worked with Cyrex to secure our game and backend, and they were both very professional and very easy to work with! There was very little preparation needed from our side, and the report they presented was useful, in-depth, and easy to use as a blueprint to guide implementation of security hardening."
Sharkmob
Frequently asked questions
2) Extensive reporting: We offer fully comprehensive reporting including pseudo-code, proof of concept, and risk assessment for quick, thorough fixes.
3) Specialization: We specialize both in software development and application security. What this means is that we think like developers and act like hackers.
2) Grey Box: Most common
3) White Box: Most complete and recommended
News, thoughts and talking points
Constantly updated news and free thoughts on all things cybersecurity, application and software development hacking, and more.
