FAQ: Penetration Testing Services

 

Q: Can I buy Pentest services as an individual?

A:  Unfortunately no. We need to validate your company and test targets to ensure that the services we are delivering is served are legal.

Q: How can my company buy Pentest Services

A: You need to first become a member to our website. Then you will be able to buy services as a company

Q: Do you send us only automated vulnerability scan reports?

A:  NEVER. We never send automated tool reports to our customers. Our value is to do manual penetration testing like an actual attacker and expose real vulnerabilities.

Q: Bundled Pentest Services doesn't fit my requirements, can I get service customized for me?

A: Yes, you can get  custom scope pentest services(Web Application , Network) OR you can get full scope pentest with Enterprise Penetration Testing Services.

Q: Can I buy multiple penetration testing bundles ?

A: Yes, you can. Just add bundled pentest services in your basket and continue through regular sales cycle. 

Q: Can I resell pentest services as a channel partner?

A: Yes, please contact us through Contact Form by specifying your request, then our sales team will contact you for further process.

Q: What is the difference between custom and bundle offerings

A: Bundle offerings are designed with predefined scope and limited with the service scope. They cannot be customized. If your requirement falls within these limits, they are priced for mass use with the best pricing options. If you need to tailor services we provide, custom offerings (e.g.: Custom Web Application Penetration services) are provided to deliver customized services for your company.

Q: Why there are different pentest offerings for web application, mobile , network  etc.? 

A: Each pentest offering is designed to address specific perspective of attack surface. 

Q: Can I have my FULL infrastructure tested?

A: Yes, please enroll to Enterprise Pentest Services to have a full testing 

Q: Do you provide Graybox OR whitebox testing?

A: Yes, please enroll to Enterprise Pentest Services to and let us know which option you would like to choose.

Q: Do you provide penetration tests for specific compliance or schemas, such as PCI DSS, SOC2 etc.

A: Yes we do provide compliance testing for PCI DSS, PSD2 , SOC2. Compliance testing is available only in Custom Penetration Testing service offerings. 

Q :  Do you provide testing as per industry standards/best practices?

A.: Yes, we  do provide compliance penetration testing for PCIDD, PSD2 and SOC2 and also we do provide testing according to OWASP, and OWASP MSTG.  if you have additional requests to these pleas feel free to make a request to us from chat box on the right bottom corner of our webpage.

Q: What is the "Compliance" Option in the product procurement page?

A: This option is for you to choose proper compliance requirements before proceeding for penetration testing and letting us know whet you exactly require.

Q: What will change if I choose different compliance schema for penetration testing?

A: Our team has totally different methodologies, control points and critical controls for different compliance requirements. You might get totally different set of tests with different compliance requirements.

Q: Is compliance penetration testing available for bundle penetration test offerings?

A:  No. Unfortunately compliance testing requires significant effort and might require additional information to complete before proceeding onboarding. For this reason we need to customize compliance testing requirements and we do have Custom Penetration Testing service offerings specifically designed for this purpose.