Precision Testing
Ethical Standards

Indonesia Cybersecurity Audit Provider — Registered with BSSN, ASPI & CREST

Penetration testing by certified practitioners—not just scanner tools. 75% manual testing for real threats automated tools cannot find.

Consult (WhatsApp) View Services

BSSNASPICREST Pathway+

ethicninja — pentest session

$ ./recon --target client-app.id --deep

✓ DNS enumeration complete (47 subdomains)

✓ Port scan: 3 services exposed

✓ Tech stack fingerprinted

$ ./scan --manual --owasp-top10

✓ A01 - Broken Access Control

⚠ A03 - Injection → SQLi found

✗ A07 - Auth bypass → CRITICAL

$ ./exploit --poc --safe-mode

15+Years
Experience

100+Enterprise
Clients

CVEPublished
Researcher

3×Top MSRC
Researcher

1,100+Completed
Projects

our services

Scope of Our Services

Every engagement is led directly by experienced practitioners.

01 — Core Service

Penetration Testing

Web, mobile, API, network & infrastructure. 75% manual approach — blackbox, greybox, whitebox.

WebMobileAPINetwork

02 — Compliance

ISO 27001 Assistance

Gap assessment, ISMS documentation, internal audit, and Stage 2 certification support.

03 — Regulatory

Compliance Audit OJK

POJK compliance audit for banks, fintech, and financial institutions under current regulations.

04 — Regulatory

Compliance Audit PBI

Bank Indonesia compliance for Payment System Providers (PSP).

registered with

Our Accreditations

ISO/IEC 27001

Information Security Management System

PT Inovasi Media Solusindo — Cert. No. 824 153 26000

BSSN

Consultant Recognition Certificate — Badan Siber dan Sandi Negara

SMPI.LK.9/BSSN/D1/PS.02.01/08/2022

ASPI

Security Testing & IT Audit Provider — Asosiasi Sistem Pembayaran Indonesia

Sek.ASPI/STT/048/IX/2024 & Sek.ASPI/STT/091/XII/2024

CREST Pathway+

Approved Organisation — international penetration testing standard

Ethic Ninja (PT Inovasi Media Solusindo) — Org ID: 09970976

our clients

Trusted Across Industries

Since 2016, Ethic Ninja has delivered security testing and compliance consulting for 100+ organisations in Indonesia and abroad.

🏦

30+Financial Services

📲

25+Fintech & Payment

🏛️

10+Government

⚡

8+Energy & Mining

🏥

7+Healthcare

🛒

10+Retail & E-commerce

🛡️

7+Insurance

🎓

5+Education & EdTech

🚚

5+Logistics

global track record

Recognised by Global Companies

Microsoft

Top MSRC Office Security Researcher for three consecutive quarters: Q3 2022, Q4 2022, Q1 2023.

Top Researcher × 3

Adobe

Four CVEs in Adobe Commerce/Magento Core: CVE-2023-29295, CVE-2023-29294, CVE-2023-29289, CVE-2021-28566.

4× CVE Published

Apple

Web Server Security Acknowledgement for findings on Apple.com infrastructure.

Security Acknowledgement

Google

Bug Hunter Honorable Mention for security research across Google services.

Bug Hunter Mention

testimonials

What Clients Say

"As a developer, Ethic Ninja gives me good insight on possible attack methods against our website, and hopefully at completion I will be prepared to test our website."
— Fase, Biostar Webmaster

"Ethic Ninja has proven to have excellent capability and ethics in security testing."
— Rendra Perdana, Cybersecurity Architect, Blibli.com