Overview
Each Penetration Test is performed by one of Securisea’s experienced professionals, and is customized for each customer to ensure accuracy and safety. The result from each test is a detailed report analyzing how an intruder might gain access to internal systems under specific conditions, and the necessary steps to prevent such an intrusion in the future.
One of the key advantages to Securisea’s Penetration Testing program is our deep knowledge of both information security infrastructure and industry-specific regulatory requirements. We regularly perform Penetration Tests that assess general network security preparedness, as well as regulation-specific tests that directly evaluate compliance with PCI, FedRAMP, HIPAA and much more.
Securisea’s penetration-testing methodology is based on components from NIST SP 800-115, the Penetration Testing Execution Standard (PTES), and the Open Web Application Security Project (OWASP) Top 10. Securisea maintains a separate, detailed penetration testing methodology document that is available upon request.
At the conclusion of our engagement, Securisea will provide you with the following deliverables:
- An Executive Summary tailored to your management that provides a high-level summary of the work performed and the key findings and recommendations.
- A key findings section outlining the assessment activities and documenting the detailed technical findings. Attacker tactics, techniques, and processes are mapped back to the MITRE ATT&CK framework.
- Audit-ready reports that can be used for compliance audits that require security testing, such as PCI-DSS and HIPAA. These reports have been designed with compliance reporting requirements in mind.
Securisea employs our custom AWS-centric methodology for penetration testing of your cloud resources. We have extensive experience performing network-level penetration testing of EC2 virtual servers as well as container-based execution environments such as Elastic Container Service (ECS), including containers running within Fargate, as well as Elastic Kubernetes Service (EKS) and nearly any other AWS deployment model.
Highlights
- Top 2% of Auditors. Securisea is one of only a handful of audit firms in the world certified to provide CSA STAR, ISO 27001 and 27701, SOC2, SOC1, PCI DSS, FedRAMP/StateRAMP 3PAO, HITRUST & HIPAA assessments all under one roof.
- Experience You Can Count On, Year After Year.
- Unmatched Customer Experience.
Details
Pricing
Custom pricing options
Support
Vendor support
Founded in 2006, Securisea provides audit support for organizations of all sizes, from startups to some of the world’s most security-minded technology companies. Our customers rely on us to continue to evolve to meet an ever-changing security and compliance landscape, while maintaining a high level of expertise, responsiveness, and customer service in every unique engagement.
Should you have any questions about Securisea's SOC examination capabilities, please contact us at 1 877-563-4230 or fill out a form at securisea.com/contact-us to speak with one of our subject matter experts.