Did you know that Security Testing is one of the most important activities in the process of Information Security Management?
Yes, KEEP-IT-SECURE-24 is a monthly payment subscription. You can upgrade your subscribed service at any time, however it will only be effective from the 1st day of the next month.
Any company around the globe. The person should be able to prove his ability to represent the company.
No. You will be given 3 months to export your data. After that we reserve the right to purge your data from our systems.
Internet connectivity is the only requirement needed to perform the testing of Web Application and Infrastructures.
No. However you should be able to understand your company’s objectives related to Information Security and know the skills and expertise of your IT personnel, so that you can effectively escalate and solve identified vulnerabilities.
There is a great difference between our service and other online services, ranging from our service delivery model to our reporting model. We offer a continuous and persistent service combined with the knowledge of our experts and our professional certifications. You can view a summary of the main differences here
Our platform allows clients to manage and monitor vulnerabilities and associated metrics, as well as, extract reports and provide us feedback regarding the Change Management Process so that we can perform specific tests. Check in detail the features of our platform
It’s an innovative service because it addresses several constraints that Traditional Pen-Testing Models have, while keeping the balance in terms of costs, and improving the efficiency and effectiveness of the Pen-Testing process. The major features of our service model, which make it unique and innovative worldwide are the persistence of the service being delivered by professionals who aren't limited to vulnerability scanning and our reporting and management interface. KEEP-IT-SECURE-24 provides testing in a continuous and persistent way to our customers through a Team of Professional Pen-Testers. More detail about our innovative model
Through our platform you will be able to let us know if you have any priorities regarding the tests. If you don't want to plan or you are unable to provide guidance, our experts will establish a test plan.
Yes. Through our Web Management Platform you can communicate with our team of testers regarding any given vulnerability and receive feedback from them. See the features of our platform in detail
We will take all the precautions so that our tests don't have any adverse impact on your systems and services. In the unforeseen event we detect any unintentional disruption we will immediately get in touch and let you know about the incident.
We will inform you by email about any vulnerability we publish to your account. You will have the full details of the vulnerability after you securely login into the Web Management Platform.
We account for our Pen-Testing Activities through the use of HackUnits, in a way that allows our clients to keep track of our effort to detect vulnerabilities. The recommended (monthly minimum) number of HackUnits and how many HackUnits are reported per activity is listed on our plans.
The effort to solve your vulnerabilities is not included in the service, only the identification and the recommendations on how to solve it. If you want us to provide a quote for a resolution, just send an email to your account manager with the vulnerability ID. Our expert consultants will get back to you with a quote.
Yes. It is as easy as drag&drop an object in our Web Management Platform. Request a demo to have a look of how easy it is to request a test.
For the moment this is not available.
The service is provided by Devoteam Cyber Trust, an ISO 27001 Certified Company. We take the protection of our customer data very seriously, and that's the scope of our Certification.
During the Penetration Testing Process, our team acts as potential attackers and use multiple techniques in order to try to identify vulnerabilities in your infrastructure, applications and services. Have a more detailed look on our Testing Process.
Our team has a set of commercial and public tools that are used for performing our testing process. Many of these tools are the same that attackers use on their day-to-day basis. These tools help us execute our technical activities in a much more effective way.
Our consultants hold several academic degrees and professional certifications, from which we emphasize: MSc. in Information Security (Royal Holloway), Post Graduate in Information Security (Royal Holloway), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (CISSP-ISSMP), Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor and ITILv3 Certification.
Our team is composed of several elements with different experience levels. All our Expert Consultants have at least 10 years of experience, on providing information security auditing services to large and medium sized companies.
We perform services for a considerable number of large and medium size corporations. Because of privacy issues and for the protection of our clients, we opt for not revealing their names on our webpage. We will be delighted to share their names and some projects in detail during a meeting. Schedule an On-line meeting with us to discuss any issues regarding our services and references by filling in this form.
There are two main sources of data on our Web Management Platform. The first is the dashboard, which includes information such as the number of open vulnerabilities, risk factors, most critical vulnerabilities, number of vulnerable assets, etc. The second is the reporting capability that will allow you to generate reports based on a time range, assets or vulnerabilities, as well as schedule and define the distribution list for each type of report.
Yes. Apart from being able to define the filters for the reports, you can also customize the headers, upload your company logo, and define the level of detail that you want to see in your report.
Your account administrator can at any time issue a temporary access token that is sent by email. This will allow you to enter the platform and change your password. You can also use the self help on your login page “Can’t access your account?” Click on this link and enter your registered email address.
It depends on the service model you have subscribed to. You can check the number of users permitted in each model here.
Yes. This is one of the main purposes of our Platform. Customers can create sub-users within their organizations who can manage assets, deal with associated vulnerabilities, extract reports and obtain online metrics.