Get in touch
SaaS · EdTech

Pentest for Collaborator SaaS — leading corporate LMS

Comprehensive web application pentest in support of ISO 27001 certification for a corporate LMS platform.

Industry
B2B SaaS · LMS
Engagement
Web app pentest
Approach
Blackbox · Graybox
Driver
ISO 27001 certification

Davintoo Ukraina is a modern software development company in Ukraine, specialising in IT solutions for staff training, certification, internal communications, data analysis, and eLearning platform integration within a company's IT environment.

Their flagship product, LMS Collaborator, is a Learning Management System designed for corporate onboarding, personnel development, and assessment with flexible integration capabilities — already used by hundreds of companies.

The need for penetration testing arose to comply with ISO 27001 certification and to confirm a high level of security and protection of the web application and client data.

This certification would validate Davintoo Ukraina's commitment to implementing robust information security management practices and demonstrate their ability to secure sensitive data within the LMS Collaborator platform.

To address the security requirements and obtain ISO 27001 certification, Davintoo Ukraina commissioned a comprehensive Blackbox and Graybox web application penetration testing engagement.

This testing was conducted in accordance with OWASP and other relevant web application security testing methodologies by a dedicated pentest team focused specifically on evaluating the security of web applications.

BlackboxGrayboxOWASPWeb app

Upon completing the penetration testing, a detailed technical and executive report was provided to Davintoo Ukraina, outlining the identified vulnerabilities and potential risks.

After the client addressed and remediated the identified vulnerabilities, a re-test was conducted to validate the effectiveness of the remediation efforts.

Subsequently, a final report was issued, confirming the high level of security achieved for the LMS Collaborator web application, allowing Davintoo Ukraina to proceed with the ISO 27001 certification process.

More case studies

View all
Critical infrastructure · Energy

Prykarpattiaoblenergo

Phishing simulations and Blackbox web application testing for a major Ukrainian electricity distributor.

Read case study
Software · IT services

Global Mediator

Network and application security testing for one of the largest Microsoft technology development centres in Eastern Europe.

Read case study
Manufacturing · Industrial

Distar

Infrastructure pentesting and social engineering for the largest diamond tools manufacturer in Eastern Europe.

Read case study
Move forward with confidence

Have a similar
challenge in mind?

We'll scope a senior-led penetration test against your specific environment — and deliver Technical, Executive and Action-plan reports that translate findings into business decisions.

  • Reply within one business day
  • NDA on request — no obligation
  • Speak directly with our Head of OffSec
  • Tailored scope & clear pricing

Tell us about your project

We'll get back within one business day.