Continuous Penetration Testing (CPT)

Continuous external IT perimeter monitoring as a service

Manual and automatic checks

Quick vulnerability detection and mitigation

Preparing staff for attack mitigation

Cutting expenses

Apply for quota return to the list of services

Professional team

Experience

We conduct over 70 complex projects per year for clients from the financial, e-commerce, oil and gas, finance technologies, media and other industries.

Expertise

Our experts discover new vulnerabilities in products developed by large vendors and are honorary mentions in in the Hall of Fame at Yandex and Mail.ru.

Exchange of knowledge

We regularly learn about new methods employed by cybercriminals from the APT attack investigation team, so our checks are very close imitations of real combat conditions.

Certification

Our experts have internationally recognized certification from well-known centres: Offensive Security, EC-Council, (ISC)2, SANS.

Value for business

Lower risks

Continuous monitoring accelerates remediation of vulnerabilities, even after changes to the infrastructure.

Greater opportunities

The service covers a range of tasks: from perimeter scanning, to enhancing cybersecurity awareness of employees, to simulating DDoS and APT attacks.

Lower expenses

Outsourcing and partial automation reduce costs while maintaining high quality inspections.

More customisation

The customers choose the scope of tasks that meets their needs and specifies the frequency of their application.

A new approach to perimeter security

Continuous Penetration Testing

  • Cuts expenses
  • Detects the most serious vulnerabilities
  • Frequent and regular

Classical Penetration Testing

  • Requires a lot of labour, time and resources
  • Detects the majority of all vulnerabilities
  • Applied 1–2 times per year

All results presented on a single platform

Comprehensive checks for maximum coverage

Change management and assessment

We monitor the IT perimeter for any changes and conduct targeted penetration testing of new applications, updates for websites and service versions.

Result: vulnerabilities are detected faster — risks associated with unknown gaps are reduced.

Automated scanning of the external perimeter and applications

Perimeter security is maintained using state-of-the-art tools from leading vendors. Program reports are processed manually: we filter out false positives and vulnerabilities that cannot be exploited.

Result: easily identifiable critical flaws without the heavy costs.

Scout for new nodes on the external perimeter

We employ open-source intelligence to regularly check for any omitted assets: websites with outdated information, servers with dated and vulnerable software, domains leading to IP addresses that you no longer own.

Result: all assets under the supervision of administrators — less chance of an attack or damage to reputation.

Security Fitness

Training your employees to detect phishing, respond to network overloads and mitigate targeted attacks: we conduct mock phishing campaigns, simulate hacker activity and DDoS attacks.

Result: employees are equipped to distinguish fraudulent emails, while the security service apply their know-how to deal with real attackers.

Continuous pentesting

Apply for quota

I consent to my personal data being used in accordance with the Privacy Policy for the following:

We use cookies to personalize the services and the convenience of website users. You can prevent cookies from being stored in your browser settings. By using this website, you confirm your consent to the Privacy policy.