Question 1

Is this production safe?

Accepted Answer

Absolutely. There is no brute force, denial of service or flooding. We adhere to industry best practices and follow a non-intrusive and non-destructive process. We report exploitable vulnerabilities in your environment with minimal validation. However if you chose to do so, with your explicit permission, we can simulate exploitation of these vulnerabilities in your UAT environment.

Question 2

How soon can you get started?

Accepted Answer

5 to 10 days. Nonetheless, upon the availability of our resources, we make sure to start a project at the earliest.

Question 3

Who does the testing?

Accepted Answer

Real people. All testing is done by our of team of Ethical Hackers who are heavily experienced in their domains and carry industry leading certifications like EC Council CEH or Offensive Security OSCP.

Question 4

What methodolgies do you use?

Accepted Answer

We leverage OSSTMM (Open Source Security Testing Methodology Manual) and PTES (Penetration testing Execution Standard) standards to uncover weaknesses that could allow an attacker to compromise your network and data.   For mobile applications, our team follows Mobile Application Security Verification Standard (MASVS) to ensure that all potential vulnerabilities are identified for your development team to rectify before you launch your mobile app.

Question 5

What tools do you leverage?

Accepted Answer

For vulnerability scanning we leverage a combination of enterprise grade commercial and open source scanning engines to ensure that nothing is missed.   Some of the tools we leverage for penetration testing include Nmap, Metasploit, Wireshark, Unicornscan, lnguma, Cain and Abel, Kali Linux , Hydra, Medusa, lnguma, John the Ripper, SSHater, rcrack, WyD, AppSpider, Burpsuite, w3af, Nikto, Wireshark, Dirbuster, SSLDigger, Wapiti, sqlmap, sqlninja along with custom scripts.

Question 6

Will your reports help me with compliance?

Accepted Answer

Our reports will empower you with deep insight into weaknesses that an attacker can exploit to gain access or exfiltrate confidential data from your network. They can also help meet requirements of PCI DSS, GDPR, HIPAA, SOX and ISO 27001 compliance

Question 7

When will I get my result reports?

Accepted Answer

An interim report will be provided within 2-3 business days of concluding the testing and a detailed formal report follows within 10 business days after the completion of testing.

Question 8

What information do you need from me to get started?

Accepted Answer

Once your order is confirmed, we will reach out to you obtain details of all the assets that need to be tested

Question 9

Anything I need to know about pricing?

Accepted Answer

We offer the most competitive rates without compromising on quality. We offer volume based discounts on top of discounts for recurring customers.

Question 10

What's included in the report?

Accepted Answer

All our test reports come with detailed video and or visual proof of concepts of high risk vulnerabilities so that you get the utmost clarity on what's at stake. They also contain actionable counter measures that you can immediately put to use.

Security & Compliance for the modern enterprise

Security & Compliance for the modern enterprise

Measure your exposure

with provapt

Next Generation Penetration Testing & Vulnerability Assessments for your Network, Web and Mobile Applications

A Global Top 200 Managed Security Services Provider Honoree

the provapt suite

Network Vulnerability Assessment

Network Penetration Testing

Web Application Vulnerability Assessments

Web Application Penetration Testing

Mobile Application Penetration Testing

why customers love us

Engagement Director,

Government Contractor With National Presence

CTO, Technology Start-up

Techstars Graduate

CEO, Technology Services Firm

Certified Ethical Hackers

Methodology

OWASP TOP 10

the provapt advantage

PROOF OF CONCEPTS

COUNTER-MEASURES AND REVALIDATION

ENABLE COMPLIANCE

CANCEL THE NOISE

FLEXIBLE ENGAGMENT MODELS

step 1

You tell us what needs to be tested

step 2

We provide a quote within 24 hours

step 3

Shake hands and kick off the testing

step 4

You get the results

step 5

You make the fixes and we revalidate

How it works

Partner with a Global Top 200 MSSP Honoree