How QA, DevOps, and Penetration Testing Teams Work Together to Keep Games and Apps Safe
PTW takes game and app security seriously. To keep our clients’ users safe, we take a three-fold approach to security involving Quality Assurance, DevOps, and Penetration Testing. We collaborate with our clients’ developers, DevOps, QA, and other teams to make sure the most important aspects of security are cared for.
How can an app or game company keep its users safe? There are three primary aspects to user security:
1. A safe user is one whose personal information is kept private.
2. A safe user can trust that their login is restricted just to them, and that no hacker can gain access to their account.
3. A safe user expects an app or game to work correctly, and that everyone else using the app or game is playing by the same rules (no cheaters).
When companies fail to balance all three aspects of security, the result is all too often the kind of security breach reported in the news. For example, Norton Healthcare recently disclosed that a hacking group accessed millions of their patients’ data, including very sensitive medical information. This kind of event is only increasing in frequency and intensity.
“Security should be the responsibility of the entire company, not just a few select individuals,” says Harlan Beverly, PTW’s VP of Technology, leader of our IT and Cyber Security divisions. “At PTW, we pride ourselves on working with all our clients’ departments to ensure they are doing what is needed in QA, DevOps, and Penetration Testing as it relates to user security.”
When it comes to user security, it’s obvious that penetration testing is important. This kind of testing employs trained security professionals using tools and techniques similar to those that hackers use. “These ‘white-hat hackers’ try to infiltrate servers and databases just like a hacker might, but with the goal of finding exploits and weaknesses that can be patched before the bad guys find them,” explains Harlan. “It’s a vital piece of keeping users safe, and PTW now offers this service, called NinjaScan, to all current and future clients building or maintaining games or apps.”
QA also plays an important role in keeping users safe. They make sure there are no bugs or critical flaws in a game or app that might leak information. “This would be catastrophic because a user’s personal data might be exposed,” warns Harlan. “QA makes sure this can’t happen. QA can’t always be perfect, however, and that’s where exploitation testing can help a QA team find those last few possible exploits that might harm a user.” For games, this includes areas where gamers might cheat and otherwise gain an advantage over other gamers.
People familiar with PTW already know that we offer QA services to game companies, finding those critical flaws and potential security issues. But Harlan adds, “PTW also offers a new service called NinjaHack that can help find these exploits in parallel and in cooperation with QA or live production teams. Our team of experts act like people who might want to cheat or gain advantage from the app to find those exploits and help our clients get them patched before users find them.”
Finally, DevOps also helps keep users safe by ensuring that all servers are kept up to date and that the network infrastructure is secure. “PTW’s NinjaScan and NinjaHack services work directly with the DevOps groups of our clients to not only identify potential exploits, but also patch them correctly. After patching, PTW then performs a rescan (free of charge) to ensure that the patch was successful.
“All of this is standard practice and known to those in the industry,” continues Harlan. “It begs the question, however, ‘Why aren’t all companies taking these normal and proper precautions?’ Cutting costs is not a good reason, because in the long run, users will find out and stop using the app or game.” Harlan assures clients that PTW is ready to help by collaborating with every department in their company to keep every user safe.