Shifting left is critical to the continued security in organizations. Most development is made better by moving security earlier in the process. But the traditional penetration testing of web applications and APIs doesn't fit well in the earlier stages of the software development lifecycle(SDLC).
Secure Ideas has created a process of testing credits to help solve these issues (especially when paired with SASTA). An organization is able to purchase credits to use over the next 24 months. These credits, combined with a self-scoping system, allows for an organization to work with Secure Ideas within their development processes. The testing credits can be used for:
Once the credits are purchased, Secure Ideas works with the organization to embed the testing into the current processes. Most, if not all, of the testing associated with credits can start within 1-2 business days from the initial request. The client then receives the report as rapidly as possible.
Secure Ideas offers a discount table based on the numbers of credits purchased. This table outlines the discounts:
Each pre-purchased credit is approximately one day of testing effort and is part of embedding the testing within the client organization's processes, such as their SDLC. The discounts offered for volume purchases and adding on the SASTA program are described in greater detail within the Prepaid Credit Guide Knowledge Center article.
To enable us to embed our testing as efficiently as possible, we have created a unique process for our pre-purchased testing credits. Our engagement process is as follows: