What is Included in PTaaS?

A perfect blend of differentiated consultant-led services and various online tools delivered through SecurePortal make up the PTaaS offering.

Receive detailed security metrics and trends about all your hosts and risks through the SecurePortal.

SecurePortal allows you to access all your vulnerability data in a secure single platform.

Interact with your Security Report via the SecurePortal rather than an outdated paper report.

What is Included with Penetration Testing as a Service (PTaaS)?

PTaaS is based on Pentest People consultant led Penetration Testing services. These services have the results and consultant’s narrative uploaded to the SecurePortal where customers can interact with the findings rather than reading from a very large static report.

Full access to SecurePortal will be made available where customers can look through their sales proposals and project paperwork as well as to interact with and produce static reports of the consultants findings.

What is Included in PTaaS?

Penetration Testing Services

Infrastructure Penetration Testing
Assess and measure your security posture through Infrastructure Penetration Testing to allow you to manage the identified issues.

Web Application Penetration Testing
Assess your critical Web Applications for Security Vulnerabilities with a Web Application Penetration Test.

Social Engineering Assessments
Research, develop and manage an assessment of the security of your people and processes utilising the latest techniques.

VPN Configuration Assessments
Assess the security configuration of your VPN to ensure a misconfiguration or vulnerability is not allowing external access to your corporate network.

Firewall Ruleset Reviews
Assess your Firewall Rule Configuration looking for security issues and unnecessary rules that could lead to a breach of your network.

Network Device Security Reviews
Assess the critical network devices that make up your corporate network looking for software and configuration vulnerabilities.

 


Remediation

Penetration Test Remediation is often the overlooked part of any Penetration Testing Methodology. Organisations engage with specialist companies to perform Penetration Testing and the deliverable of this work is usually a report, that identifies multiple security vulnerabilities within the organisation’s network and applications.

Pentest People are able to offer a Remediation Consultancy Service where the findings of the report are managed by a specialist consultant with a view to creating a tailored Prioritised Remediation Plan based upon your business requirements and risk of identified issues.

This Prioritised Remediation Plan can then be put into action either by Pentest People, the organisation’s internal staff or the organisations incumbent IT provider to ensure that the risk to the business is mitigated.


Advanced Monitoring Tools

Pentest People is a part of the same technology group of companies as RapidSpike, a market leader in providing advanced monitoring tools to many numerous clients worldwide.

Every Pentest People customer will have a level of access to the following tools depending upon the level of service they have acquired.

Security Tools

Protect your infrastructure & guard against malicious attacks.

  • External Vulnerability Scanning
    Scan the external perimeter of your network to check for any software or configuration vulnerabilities. Perform regular scanning and receive alerts when any vulnerabilities are identified.
  • Port Scanning
    Ensure that your network perimeter is locked down to Hackers by regularly checking the open ports of your public infrastructure.
  • Malicious User Detection
    Receive an early warning of an impending security issue and obtain a list of networks to block to prevent it.
  • JavaScript Security Monitoring
    Receive notifications when the JavaScript on your website or web application changes that could indicate a security threat.
  • SSL Cipher Monitoring
    Ensuring the Integrity of your SSL Certificates by checking all of the ciphers installed and supported on your web server at regular intervals.
  • Google Safe Browsing Monitor
    Ensure that your site has not been compromised and is available to users via the Google search engine.

Performance Tools

Measure and improve site speed using a variety of monitoring tools.

  • Synthetic User Journey Monitoring
    Simulate real users from all around the world with our Synthetic Journey monitors. Find out about our Managed Service or our Self-Service User Journeys.
  • Real User Monitoring
    Track real user experience – traffic volume and page load speed – by country, browser & device.
  • Intelligent Page Monitors
    Monitor your page from a variety of world-wide locations, tracking performance by downloading the page resources and measuring their speed.

Assurance Monitors

Protect key aspects of your online world with these common-sense monitors.

  • Domain Name Monitoring
    Monitor for the expiry of your domain names, protect against Domain Hijacking and ensure you are notified of any changes to your WHOIS records.
  • SSL Certificate Monitoring
    Get notified when close to expiry as well as if any changes occur to your SSL Certificate.
  • HTTPS Redirect Monitoring
    Avoid losing traffic and damaging your business reputation by ensuring your domain redirection is configured properly.

Availability Tools

Keep your ecosystem live at all times with uptime monitoring.

  • Uptime Monitoring
    Reliable and constant uptime monitoring for your entire platform – from server level to individual website pages.
  • API Monitoring
    Monitor your API endpoints using our HTTP POST monitor, capable of sending a request body and matching the response against an expected value.

SEO Monitors

Track ongoing SEO performance with a variety of useful metrics.

  • SEO Monitoring
    Monitor industry leading SEO Statistics for your websites and determine their Search Engine rankings over time.
  • Google Analytics Monitoring
    Integrate with your Google Analytics account, enabling RapidSpike to collect and display key metrics such as user sessions and to be able to graph these with server response and page load times.
  • Alexa Traffic Monitoring
    Monitor the Alexa Traffic Ranking for your websites as a way of determining their popularity over time.

 

Key Benefits

  • Benefit from continuous Security Monitoring and Testing
  • Monitor aspects of your digital world you never thought important
  • Reduce your threat window with regular Vulnerability Scanning and ongoing Security Monitoring
  • Stay one step ahead of emerging risks and threats
  • Leverage the included toolset helping you to do more with less spend
  • Use SecurePortal to save time and join the dots across your digital assets

Frequently Asked Questions

  • What is PTaaS?

    PTaaS stands for Penetration Testing as a Service and this is a key differentiator of Pentest People where we combine consultant-led services with ongoing vulnerability management and security monitoring.

  • How does PTaaS differ from a standard Penetration Test?

    PTaaS contains a Penetration Test but also provides access to an array of tools that include Vulnerability Scanning and Advanced Security Monitoring.

  • What other tools do I get access to with PTaaS?

    The full list of the tools you get access to with PTaaS are outlined on the What is included with PTaaS page.