Prodinity Cyber Solutions is a trusted cyber security penetration testing partner with advanced capabilities that go above and beyond industry standards. If you host a website, provide online services, are a data-driven organisation and the safety of your business and client data is vital, Prodinity can detect security flaws and compile a detailed report on strategic protection much faster than other providers.
Why choose Prodinity?
We combine the experience of our team of certified experts with powerful tools for detecting vulnerabilities, to save you time and money and minimise the risk of successful cyber-attacks and data leaks.
We also provide you with a dedicated account manager, and a direct line of communication to your penetration team. At Prodinity we always put our customers first, especially where cyber security is concerned. Trust is the most valuable commodity when dealing with sensitive data, and we always ensure that you are kept informed at every step of the way.
Prodinity offers pre-agreed price penetration testing with no additional costs and no variable rates. After we have performed the discovery, we will have a consultation with you to discuss our proposal and how it can be implemented. Your report is available 12 hours after the test completion, significantly faster than other providers, and we even include free re-testing in your pre-agreed price.
How does a Penetration Test work?
Our Targeted Framework Assessment (”TFA”) strategy uses ethical attack methodologies. We employ certified, highly skilled personnel with front line cyber-defence experience in insurance and financial services, as well as other sectors.
Through a targeted attack simulation, our team can take your business safely through real-world attack scenarios, allowing you to find and fix vulnerabilities before attackers can exploit them.
All our penetration testing is implemented manually using OWASP ASVS methodology allowing our clients to demonstrate controlled improvement between test cycles. We analyse the data to determine if your system is vulnerable to internal or external attack.
We confirm the purpose, scope, schedule, and conditions required for the implementation of a successful test. This usually consists of a consultation to discuss your needs and requirements and to provide you with a pre-agreed price.
We identify all vulnerabilities in the application and infrastructure, then ascertain the effects of using those identified vulnerabilities to carry out a simulated cyber-attack.
We provide you with a full summary providing feedback in the form of a report. Each identified vulnerability will be described, in detail, together with a recommendation on resolving the problem and strengthening the system.
Once your report has been generated, vulnerabilities have been identified and appropriate resolutions have been discussed with your account manager and implemented, Prodinity offers a free retest as part of your pre-agreed package.
What our report consists of
We initially describe the scope of the tests and present the evaluation model together with a description of the approach and methodology used.
This section provides an overview of the most significant identified vulnerabilities and an indication of the associated risks.
Each vulnerability is described in detail so that its root cause and reproduction can be easily detected. In this section, we will describe all the types of vulnerabilities identified, and then provide clear actions and advice regarding how to fix them quickly and efficiently.
We employ certified highly skilled personnel with front-line cyber-defence experience in financial services and insurance. Our team has specific skills in ethical attack methodology.
We work in partnership with you to ensure all testing meets your business objectives and is commensurate to your unique risk profile. Naturally all projects are undertaken in the strictest confidence, and we want you to consider us as part of your team throughout the process. Post testing, we remain available to assist as required.
Our team has expert familiarity with hacking techniques of all kinds and strong skill sets in many areas of security. We provide leadership and teaching experience and strong analytical, troubleshooting, and problem-solving skills and strong White Hat and Grey Hat contributions both professionally and privately.
Who conducts the tests?
The tests are conducted by accredited professionals with years of experience in the industry.
What approach is used?
We combine experience with known methodologies, such as the Open Web Application Security Project (OWASP) Testing Guide and Penetration Testing Execution Standard. The tests are conducted automatically with use of advanced tools, and we perform a manual follow-up check of any positive results.
How long does it take to perform a test?
A penetration test is conducted in accordance with a structured schedule. After the testing finishes, a report is produced, and this is available 12 hours after the completion of your test. Your dedicated account manager will then arrange a follow up call to discuss fixing any identified issues.
What is included in the report?
The outcome of the penetration test is an enhanced and detailed report containing all information necessary to understand, recreate, and rectify the identified vulnerabilities. Your dedicated Cyber-Security consultant would also be more than happy to run through the report with you in a short call.
When is payment due for the service?
A fixed price is pre-agreed when engaging Prodinity Cyber Solutions. We require a 50% deposit to commence the testing process. The remaining fee invoice is issued after the report is delivered and you have discussed the outcome with your dedicated Cyber-Security Consultant. We can also offer to spread the payments over 12 months to make the cost more manageable for your business.
Is retesting included in the price
The price includes a test and 1 re-test. Retesting means verifying all vulnerabilities listed in the report. The product is a summary with the status of each detected flaw (fixed / not fixed) and a short explanation for each flaw.
What do these common Cyber-Security Terms mean?
White Hat: In this format, penetration testers have full access and knowledge of the systems they are testing, including source code, IP addresses, etc. Also sometimes called clear or open box testing, this approach can simulate an internal attack and allows for an extremely rigorous test.
Grey Hat: In this format, penetration testers have some visibility and can pose as an attacker who has gathered limited information about the target.
Red Teaming: Red teaming is the practice of rigorously challenging plans, policies, systems, and assumptions by adopting an adversarial approach. A red team uses strategies to encourage an outsider perspective. From a cybersecurity perspective, a red team's goal is to breach or compromise a company's digital security to identify potential vulnerabilities.