Bluedog Security's Manual Penetration Testing for e-Commerce is a human-led security assessment service targeting e-commerce platforms and their associated infrastructure. The service focuses on identifying vulnerabilities in payment flows, cart and session management, API integrations, and storefront components — with an emphasis on business logic flaws that automated scanning tools are unable to detect. Testing coverage includes: - Web application penetration testing - Mobile application penetration testing - REST/API interface penetration testing - Active Directory penetration testing Findings are documented in a password-protected PDF report that includes vulnerability details, management summaries, and remediation guidance. Reports are framed around business risk and impact, including analysis of how individual vulnerabilities can be chained into compound attacks. The service is aligned with PCI DSS requirements and produces auditor-ready evidence. The testing methodology follows OWASP standards. Bluedog holds ISO 27001:2022 certification (certified since 2020). Deliverables include: - Detailed vulnerability report with remediation steps - Post-test debrief with the client's technical team - Post-remediation retest of identified vulnerabilities - Certificate of completion upon successful remediation The team holds certifications including CISSP, GIAC, OSCE, OSCP, OSWE, and CREST. Bluedog is an authorized vendor of Globe Telecom and has operated in the Philippines since 2018.