Automatic security assessment

H-X security scanner

Specialist services:

  External or internal wired or wireless network pentest.
  Website, web application, web server.
  Desktop or mobile application pentest.
  DoS/DDoS-attack modelling.
  Personnel pentest (social engineering methods).
  Industrial IT security audit.
  Managed compliance with ISO 27001, PCI DSS, HIPAA, GDPR, etc.
  Other pentest or security consulting.
  Training, workshop (secure software development, social engineering, etc.).

Typical Pentest Workflow

Formalities →
We sign Non-Disclosure Agreement. You authorize us to perform the pentest.
Clarification →
You answer our questions about the conditions and environment.
Pre-engagement →
We develop the Rules of Engagement (RoE) and the project plan.
Approval →
We send you a commercial proposal, the Rules of Engagement and the project plan. These documents define all conditions and parameters of the penetration test. You accept our proposal, approve the documents, then you and we sign the Service Agreement.
Field works →
Passive pentest phase begins with Open-Source Intelligence (OSINT). Active pentest phase includes vulnerability identification, exploitation and other hacker actions.
The Assessment Report describes the findings and what should be done to improve your security. The project is completed.

Project Deliverables

All project deliverables are described in the Security Assessment Report. A simple report structure is below. Depending on the pentest requirements, conditions, restrictions and parameters, the report can include additional sections.

1. Summary.

2. Security assessment results:

  • Identified vulnerabilities and their exploitation ways.
  • Details (logs, dumps, screenshots, etc.).
  • Risk assessment.
  • Recommended security measures, grouped and prioritized.

Go top, choose pentest type and order.

What is penetration test.

Who we are, what we do, and what partnership we offer.

H-X news.