Our testing and reporting process is quite similar for most of the penetration testing services we provide. This being said we can be flexible to fit around the needs of any organisation or technology.
Where needed, we can adapt our testing process to fit around agile project management schedules. If required, we can fit into a team and work closely with software developers or security analysts. As is often requested, we can easily provide personalised or branded reports to supply to your customers follow the test.
We also have the facility to provide up to the minute, live reporting on larger tests. This allows developers to remediate any issues as they are identified and is particularly useful on time sensitive or larger engagements.
The Testing Process
-
Scoping
We consider a thorough and accurate scoping process as key to ultimately delivering a high quality service. Our expert consultants will work closely with you to fully understand your business, technology and your requirements in order to produce a tailored service that satisfies, or ideally, exceeds your expectations.
-
Proposal
Following a thorough scoping process, our recommendations in terms of; scope, approach, pre-requisites and time requirements; will all be documented in a proposal that details the specifications of a thorough engagement that meets your needs.
-
Testing
Leading up to a test, our consultants will be in touch with you to ensure that all the prerequisites to a successful engagement are in place ahead of time. During the testing window, we will be in regular contact, providing progress updates and being available to answer any questions. Our testing approach is manual and aims to identify as many security vulnerabilities as possible during the time available.
-
Reporting
We pride ourselves in our accurate, succinct reporting process which aims to be so much more than a dead document in your inbox. In addition to a formal report at the end of an engagement, with detailed remediation advice, we provide interim reporting during the engagement to notify you of vulnerabilities as they are discovered. Our results and remediation portal gives immediate insight into your assessment and aids in the remediation process.
We are willing to integrate further with your team and your ways of working by creating tickets for you, joining your Slack/chat channels, or any method of communication that suits you.
We can also supply a customer-facing report for you which can be used to provide assurances to your internal and/or external stakeholders.
-
After-care
We want to work with you for the long term, not just during our formal engagement with you. Our consultants will make themselves available to you and your team for any questions you might have about our engagement with you as well as provide support when it comes to remedial actions, either to your internal teams or external suppliers.
Enquire about our testing and reporting service
Get in touch to find out more or to arrange a scoping call.