Why Penetration Testing as a Service?

Providing a continuous cycle of Penetration Testing combined with Remediation, Vulnerability Management and other Security Tools to protect your Security Posture.

Interact with your Security Report via the SecurePortal rather than an outdated paper report.

Constantly updating vulnerability information to stay in touch with the emerging threat landscape.

Receive notifications when one of your vulnerabilities is reclassified with a higher risk.

Why Penetration Testing as a Service (PTaaS)?

A companies Security Posture is constantly changing in line with the evolving risks faced by multiple sources. A traditional Penetration Test is very much a point in time assessment.

Pentest People have a wealth of experience of building traditional Penetration Testing businesses. It is time for the market to evolve and a new solution to be provided that meets the needs of the customer.

PTaaS advocates a continuous cycle of testing and remediation. It suggests that your security posture is always changing so in order to combat this moving target there must be an on-going program of testing, remediation and management. The PTaaS methodology understands that there is a need to test and check the entire platform stack. From the operating system to the SSL certificate, PTaaS is all about establishing a regime of automatic checks and monitoring so that even the smallest aspects of your eco-system are protected.

Why Penetration Testing as a Service?

What do we receive with PTaaS?

PTaaS is built around a traditional Penetration Test as you would receive from one of our competitors. The differentiator we provide is made up of the additional services that we wrap around the Penetration Test to provide an over-arching managed service to our customers.

We offer a Remedation Consultancy Service to fix any issues identified during your Penetration Test to ensure your risk is mitigated.

The service is delivered through SecurePortal and access is provided to the RapidSpike suite of Advanced Monitoring Tools.

More details can be found on our What is Included in PTaaS? page.

Consultant Led Penetration Testing

A Pentest People security consultant will perform a thorough Penetration Test based on your exact requirements. This test can include an assessment of your internal and external hosts as well as any Web Applications you may have in use. The Penetration Tests will be scheduled to match your requirements and budget.

Frequent Vulnerability Scanning

As well as the point in time Penetration Test, you will also receive access to regular external and internal Vulnerability Scanning. This scanning can be scheduled to fit into your environment and timescales to ensure that you are kept informed of newly released vulnerabilities that may affect your infrastructure.

Ongoing Security Monitoring

Various Security Monitors are available which all run at frequent intervals. These can be used to perform Port Scanning of your external infrastructure as well as to check items such as your SSL Certificates in use for your Web Applications and also monitor for JavaScript Security issues on your webservers.

Access to Security Consultants

Depending on the level of service you have purchased, you will receive access to the Pentest People team of experienced security consultants. These consultants are available on a helpdesk basis for general security concerns as well as to perform regular security reviews of your Vulnerability Assessments and Security Monitors.

Find Out More Now!


Key Benefits

  • Receive ongoing Security Management through an Overarching Managed Service
  • Traditional reports are out of date the minute they are delivered. SecurePortal is a living system that evolves in line with your network
  • Automatically track changes that might affect your security posture with minimal effort
  • Consultancy is not enough, keep up with new threats by adopting a continuous program of Testing and Monitoring
  • With so many attack vectors PTaaS allows you to monitor your entire ecosystem so emerging problems can be fixed early

Frequently Asked Questions

  • What is PTaaS?

    PTaaS stands for Penetration Testing as a Service and this is a key differentiator of Pentest People where we combine consultant-led services with ongoing vulnerability management and security monitoring.

  • How does PTaaS differ from a standard Penetration Test?

    PTaaS contains a Penetration Test but also provides access to an array of tools that include Vulnerability Scanning and Advanced Security Monitoring.

  • What other tools do I get access to with PTaaS?

    The full list of the tools you get access to with PTaaS are outlined on the What is included with PTaaS page.