Penetration Testing & Secure Code Review for Security Maturity

Since launching, Knot has been a go to solution for card issuers looking to increase user spend and reduce churn. Knot's API offers card issuers the ability to instantly update card-on-file information at almost any merchant with just a few lines of code, meaning an easier onboarding experience for consumers, and more revenue and retention for the bank.

Penetration Testing & Secure Code Review for Security Maturity

New York, NY




Series A $10M USD




Download PDF


Knot API is gaining traction in their market, building enterprise partnerships and client relations with large financial institutions. They had been disappointed with the lacklustre results from their previous pentest vendor and needed a partner who understands the stringent security requirements their clients need met to continue gaining trust.


Knot API selected both a secure code review and grey box web application and API pentesting with Software Secured. Using secure code review with a penetration test or on its own helps zoom in on particular pieces of software, as all code paths and running conditions of the application are inspected and tested, giving a comprehensive view of secure coding practices.

Combining code review, which identifies the instances of a vulnerability within the code and penetration testing, increases the efficacy of finding as many vulnerabilities as possible during the engagement.


Software Secured uncovered critical and high vulnerabilities that exposed risk for Knot API. They worked with the team through remediation efforts to ensure these gaps were closed immediately after identification and retested to confirm risk had been eliminated.


Software Secured approached the relationship from a consultative, educational point of view, working beside Knot API to help them choose the right security investment for their growth stage.

Software Secured not only delivered a high quality report with meaningful vulnerabilities, they also took time to understand all of our team's requirements and educate us on how best to approach source code review in tandem with pentesting. Finding a pentest vendor that has vast experience and expertise in both areas allowed us to be confident in our security posture, and made it easier to gain trust with new clients."

Pablo Rozic,
Head of Product at Knot API

Additional resources

Here to get you started

Featured Post Image

The State of Penetration Testing as a Service- 2022 Edition

Say goodbye to 300+ page penetration test reports

Providing the quality of the biggest names in security without the price tag and complications.

Book a 30 min consultation

Manual penetration testing

Full time Canadian hackers

Remediation support

CTA background