Typical Pentest Workflow
We sign Non-Disclosure Agreement. You authorize us to perform the pentest.
You answer our questions about the conditions and environment.
We develop the Rules of Engagement (RoE) and the project plan.
We send you a commercial proposal, the Rules of Engagement and the project plan. These documents define all conditions and parameters of the penetration test. You accept our proposal, approve the documents, then you and we sign the Service Agreement.
Field works →
Passive pentest phase begins with Open-Source Intelligence (OSINT). Active pentest phase includes vulnerability identification, exploitation and other hacker actions.
The Assessment Report
describes the findings and what should be done to improve your security. The project is completed.
All project deliverables are described in the Security Assessment Report. A simple report structure is below. Depending on the pentest requirements, conditions, restrictions and parameters, the report can include additional sections.
2. Security assessment results:
- Identified vulnerabilities and their exploitation ways.
- Details (logs, dumps, screenshots, etc.).
- Risk assessment.
- Recommended security measures, grouped and prioritized.
Go top, choose pentest type and order.
What is penetration test.
Who we are, what we do, and what partnership we offer.