Mathias Blarer Penetration Testing

Ready for a no-commitment scoping call? I look forward to learning about your needs and discussing how I can help. Response within one business day.

info[at]mblarer.ch

Services

Application Pentests

  • Web applications & APIs
  • Mobile apps (iOS / Android)
  • Desktop applications
  • With or without code review

Network & System Pentests

  • External vulnerability scans
  • Internal vulnerability scans
  • Individual servers or clients
  • With or without credentials

Other Reviews & Tests

  • Configuration review
  • Design reviews
  • Email filter tests
  • Further tests upon request

Your Benefits

Direct Contact and Reliability

No account managers, no junior testers. I am your personal point of contact and carry the project from start to finish at the quality level you expect.

Professional Deliverables

You receive a tailored report with an executive summary, prioritized findings, and concrete remediation recommendations.

Project Workflow

1. Scoping

Project scope, goals, and timeline are defined together.

2. Kick-off

Prerequisites and project organization are prepared and clarified.

3. Testing

Security testing within the agreed scope with daily status updates.

4. Report & Retest

Delivery of the final report and free retest of all remediated findings.

Expertise

Pentesting Experience

  • 100+ penetration tests completed
  • 4 years of penetration testing at a leading Swiss cybersecurity firm
  • Engagements at SMEs and large enterprises across multiple industries (incl. manufacturing, financial services, and government) in and near Switzerland
  • References available upon request

Methodologies & Standards

  • OSSTMM 3: Open Source Security Testing Methodology Manual − rules of engagement applied across all projects.
  • OWASP ASVS 5: Application Security Verification Standard − reference framework for application pentests (levels 1−3, depending on testing depth).
  • Other de facto standards (e.g., CIS Benchmarks) are applied according to the type of engagement.

Education & Certifications

MSc ETH CS
Master of Science ETH in Computer Science

OSCP
OffSec Certified Professional

OSWE
OffSec Web Expert

OSWP
OffSec Wireless Professional

CRTO
Certified Red Team Operator

BSCP
Burp Suite Certified Practitioner

OPST
OSSTMM Professional Security Tester