Frequently asked questions (FAQ)

Penetration testing, ethical hacking or white hat hacking is the same kind of a cyber attack that can happen in reality. The difference is pent test is performed by security specialists who do not pursue the goal of stealing your data. Oppositely, they would like to spot vulnerable places and suggest how to fix them before some true adversaries find out about gaps in your system security.

In a nutshell, any company that has confidential data or, in other words, information that is not for strangers to see, needs a penetration testing. In a greater degree companies of finance, medicine, information technologies or services industries that operate their data in a web system are highly recommended to regularly perform security testing.

At least once a year. Depending on company industry and the amount of sensitive data they operate the frequency may increase. The update of your system environment or introduction of a new feature implicates the system gets more vulnerable. Thus, it became a threat for malicious attacks. A regular security check-up can anticipate damage so that we can take protective measures.

Broadly speaking, penetration testing can be divided into three stages: research, testing itself and delivery of found results. Prior to the test process we discuss with you the scope and set goals. Penetration testing is performed by a team of certified experts and under international regulations (Open Web Application Security Project (OWASP) Testing Guide, Penetration Testing Execution Standard (PTES), Web Application Security Consortium (WASC) Threat Classification). With the full list of standards we work in compliance with you can get familiar here. We dig deep and deliver results we promise. It means the report covers problematic spots, explains how those gaps were found, how much time experts needed to intrude, how much effort it took and what can be done here to improve the situation.

Firewall works as a protective barrier, (it is called a wall for a reason), between your network and the outside world. It is good enough to defend your network against malicious online traffic. Bad news, appearing threats are geared to easily climb through firewalls without being detected right into your system.To make sure such damage won’t happen pen testers check your system vulnerability and recommend what to do to avoid severe attacks.

Our pricing model is parameter-based. It means the price depends on your system size, amount of assets that need to be tested, the test type your would like to carry out, etc. Contact our dedicated managers to get a free consultation which test would fit your needs better.

We perform both automated and manual testing but lean toward the latter one. The thing is manual pen test is way more meticulous and tends to reveal weak spots where automated tests fail.