You can pay for a 3rd party to penetration test your app, it’s good practice to do this before you launch an app, after any significant changes, and annually at a minimum.

There are also a growing number of companies offering continuous penetration testing - basically, automated pen tests - but these are expensive and it’s difficult to convince companies that the cost is worth it