PENETRATION TESTING SERVICES

Quality Results, Performance, and Consultants 

Our team of consultants has collectively conducted thousands of penetration tests. We are some of the best experts in the industry and have cultivated strong client relationships built on quality, actionable results. 

The Secure Ideas Difference

Secure Ideas has been testing security systems since 2010, and its core testing competency is performed by consultants with at least ten years of IT experience each. Our primary goal in every penetration testing engagement is to help our clients improve their security posture. Here are a few other ways we stand out:

INTEGRITY: Though we are referred to as "hackers", Secure Ideas was founded on a strong foundation of ethical security testing. Well defined rules of engagement, local and federal laws, and our clients' privacy are all critical considerations to us in every engagement.

QUALITY: You will never have to worry about Secure Ideas trying to pass off an automated scan as a penetration test. We make an effort to understand the technology and the current threat landscape to thoroughly test the security of IT systems and advise our clients accordingly.

PARTNERSHIP: We place a high value on our relationships with our clients. It is not enough to just do a penetration test and write up a report. At Secure Ideas, we welcome follow-up conversations, feedback, and questions from our clients year-round.

img-prof-evil-hat-tip

NETWORK


  • Internal / External / Both
  • Gray / White / Black Box
  • Remote / On-Site / Cloud
  • Any Size
  • HIPAA / PCI / Other*
  • Segmentation Testing*

APPLICATION (WEB/MOBILE)


  • Internal / External
  • Any Technology Stack
  • Gray / White / Black Box
  • SPA / Legacy
  • Remote / On-Site

API


  • RESTful / SOAP / Other
  • Gateway / Standalone
  • Swagger / Postman
  • Client or Service APIs
  • Any Technology Stack

DEVICES AND MECHANISMS


  • IoT
  • Security Devices
  • Medical
  • SCADA
  • Others

WIRELESS, PHYSICAL, SOCIAL ENGINEERING


  • On-Site
  • Buildings, Multi-Site
  • Phishing
  • Focus on Users

Pricing Model

All of our proposals for penetration testing work are made at a fixed-price, based on the estimated level of effort for the included tasks. Since the level of effort can vary significantly, so can the price. Most penetration tests fall somewhere in the range of $10,000 - $45,000 USD. See How much does a penetration test cost? for a deeper dive on this topic.

icon-engagement-600x600

Our Engagement Process

Many people find the process for engaging a third party penetration supplier daunting. We recognize this and do what we can to simplify and streamline our process. Unfortunately, there is no one size fits all penetration test because each situation has a unique scope and considerations. Our engagement process is as follows:

  1. Scoping: The first step requires a few moments of your time to estimate the engagement's effort. This is typically a 15-30 minute phone call with one of our consultants to understand your needs for the penetration test.
  2. Proposal: Our consultant will use the information from scoping and their experience to estimate the effort of the penetration test and write this into a Statement of Work (SoW) with a quote. All of our penetration test work is proposed as a fixed-price contract based on the estimate.
  3. Scheduling: Once you have decided to move forward with our proposal, we work with you to find a mutually agreeable time to perform the test.
  4. Kick-Off: About 1-2 weeks before the start of the test, our assigned consultants will meet with you to go over the details of the test and any items they will need to start the work.
  5. Testing: Testing will occur over the duration specified in the SoW, usually somewhere between a few days and two weeks.
  6. Testing: Testing will occur over the duration specified in the SoW, usually somewhere between a few days and two weeks.
  7. Delivery: A drafted report is typically delivered within one week of the end of testing. Once you have reviewed it and provided feedback, any necessary adjustments will be made to the report. Letters of Attestation are also available at the client's request.
  8. Retesting: If you remediate items from a test we performed, we are happy to test the changes to make sure they have been correctly implemented.

What can we help you with?