Straight Facts: Testing as a Service Dispatches the Goods

Straight Facts: Testing as a Service Dispatches the Goods
Andrew Kates
Author: Andrew Kates

Most InfoSec professionals recognize that technological advancements are rapidly changing how we approach security, prompting many to consider a solution that exceeds the status quo. The truth is, these advancements have been a blessing and a curse, but it is evident now more than ever that organization's bear the awesome responsibility of securing sensitive data and systems.  

So what's the solution and does anyone possess the expertise to stand up to these new threats?  Well, the future is now, and this is where Secure Ideas' newest offering comes into the picture!  Professionally Evil Testing as a Service (PETaaS) combines numerous security assessment, management, and testing techniques into a singular penetration testing and advisory service offering that is a cut above the rest.  

By understanding the challenges organizations are faced with, we're better equipped to meet their needs.  From here, we'll break down how this powerful solution differentiates itself from outdated ideas for bolstering an organization's security posture.  

Ongoing and Expert Advisory 

Real-Time Communication
Continuous and Flexible Penetration Testing Options
Seamless Integration
Streamlined Procurement
Test Credits and Transparent Pricing
Ongoing Advisory

As a PETaaS customer, you'll have unfettered access to our penetration testing experts, leveraging multiple communication mediums including Slack, email, and video conferencing platforms.  Have a question?  We understand the imperative of securing your data and are committed to resolving any security issues through dedicated advisory.  Our team will be here to provide guidance and support for any cyber related questions you may have, before, during, or after an engagement.  We'll recommend strategies and actionable steps that can be taken to reduce your attack surface and thwart breach attempts on your systems. 

Continuous and Flexible Penetration Testing Options
An organization's security needs will vary greatly and evolve based on internal turnover, rapid growth, regulatory requirements, and a host of other, potentially unforeseen circumstances.  PETaaS is perfect for scaling, and syncing with organizational initiatives based on these fluctuations.  With an ongoing approach that is committed to timely identification and resolution of vulnerabilities, helping to build a robust security posture will remain the priority.  Whether your main need is advisory and an annual penetration test, or supporting your red or purple teaming through year-round, continuous testing, we offer the opportunity for the greatest level of flexibility to your organization. 

Testing Credits and Transparent Pricing
Finally we get to the backbone of PETaaS, Test Credits.  So what are PETaaS Credits These are essentially a currency used to streamline the process when your organization is looking to augment its internal information security efforts with Secure Ideas' security assessment expertise. Simply put, each Test Credit represents one day of effort by one of our security consultants.  For each project, we'll work with your team to identify scope and estimate the number of Credits required to perform the work, which means a more efficient use of your budget and our resources; offering the maximum value to your organization.  

Secure ideas' stated goal is to deliver the greatest penetration testing experience possible, and as part of that we have ensured you have as much information at your disposal to make the best decision for your business.  One key aspect of this is transparent pricing.  The minimum threshold for purchasing Credits is 20, which includes a built-in discount from our daily retail consulting rate of $2,600.  Here is the volume discount breakdown:

  • $2,400 per Credit for 20-29 Credits 
  • 5% discount for 30-49 Credits
  • 10% discount for 50-89 Credits
  • 15% discount for 90 or more Credits

Seamless Integration
Integrating penetration testing into your software development cycle (SDLC) is an essential component for early-stage application security, but will also allow your dev team to remain steadfast in their pursuit of improvement of the end product. We don't just want your applications to be functional, we want them to be secure, and something your end-users can trust. PETaaS ensures that experienced professionals, who grasp the nuances of your specific environment, and understand the importance of meeting sprint deadlines are the ones testing your applications at each stage of development.

Real-Time Communication
Our team has been on-call when a server went down, been developers on a tight deadline, and had to deal with maintaining business operations while implementing security mitigations, so we appreciate the importance of keeping the lines of communication open. With this in mind, we'll keep you informed of issues, critical vulnerabilities, or indicators of compromise as they arise during a penetration test. Maintaining open communication throughout the engagement, enabling you to address potential threats quickly and effectively to protect your organization. Coupled with our modern portal and built-in project management features, we make it effortless to track your engagement status, expenses, and deliverables across various projects.

Streamlined Procurement
By utilizing our PETaaS Credits you'll have priority scheduling as a preferred Secure Ideas customer. In most instances, we have the ability to schedule work within 48 hours of a project being scoped, fast-tracking your transition from planning to execution. Having the peace of mind knowing that you can access our skilled team of consultants at the drop of a hat, all while avoiding the typical red tape of corporate procurement cycles allows you to focus on what actually matters, and that is keeping your sensitive information secure.

Your Soup to Nuts Security Solution
The bottom line, this pioneering offering, when leveraged correctly, gives you access to real penetration testers and subject matter experts that will continuously help you identify risk and work to reduce your attack surface, all while making the project cycle as frictionless and efficient as possible.  The focus we place on manual testing and "the human touch" is a key differentiator.  While we do incorporate automated testing tools and techniques to complement this manual approach, it is a far cry from other firms that don't have the expertise or understanding of your systems to perform manual, deep-dive testing that is the cornerstone of the Professionally Evil brand.  

If you are an information security leader, and you're looking for a dependable, scalable, and continuous penetration testing partner, please contact us today for more information.

Join the professionally evil newsletter