}
Knowledge Center

Everything you ever wanted to know about...

What is the Process for a Pentest?

If we don't answer your question here:

What is the Process during a Penetration Test?

Our penetration testing process extends far beyond the performance of the test itself. Secure Ideas strives to provide testing services and deliverables that are actionable and practical. In order to do this, we aim to provide a smooth process from start to finish. This begins with the initial scoping call. Our expertise in testing includes decades of work for organizations across all verticals and we can leverage this to make sure that a proposal includes exactly what you need and nothing you don’t.

Before the Engagement

The first significant step prior to an engagement is to schedule a kickoff call to introduce the senior Secure Ideas security consultant(s) assigned to the project with the client team. We aim to cover a variety of topics prior to and during the kickoff call to ensure a smooth engagement. This call will cover topics such as:

Pentest kickoff

  • Introduction of team members
  • Methodology of testing
  • Success criteria
  • Review of scope and timing of work
  • Review of phases and milestones
  • Third-party approvals required (if necessary)
  • Provisioning
  • Testing constraints (if any)
  • Items to be provided by our client and by Secure Ideas
  • Contact information for both sides
  • Planning for ongoing status meetings (frequency, method, participants, etc.)
  • Procedures and contacts for emergencies

During the Engagement

Once the project has begun, Secure Ideas maintains direct communication with the client team via the method(s) and timing as determined in the kickoff call. Throughout the project, Secure Ideas Technical and Project Leads are available 24/7 in case of emergencies. Our client should be prepared to provide a dedicated emergency contact who is also available 24/7 throughout the testing portions of the engagement.

Secure Ideas also makes themselves available for a debrief call at the end of the testing and analysis to ensure all access has been terminated, appropriate files returned, etc. Should our client exercise this option, this call is between the two technical teams regarding such administrative issues.

Finally, during all testing, Secure Ideas staff is available 24 hours a day, seven days a week should our client have any needs or concerns regarding the testing.

After the Engagement

At the completion of all testing and analysis, Secure Ideas will produce a customized report detailing the findings of the engagement as well as remediation recommendations. Our client will be required to set up a portal account in the Secure Ideas secure portal in order for Secure Ideas to deliver the report.

Ready to

talk?

Didn't answer

your question?