PENTEST AS A SERVICE
What is penetration testing as a service (PTaaS)?
Penetration testing certifications and standards
Classic vs. Pentest as a Service
So what are the key differences between the classic penetration test and the “ pentest as a service” contract model?
For every regular penetration test, you need about 1/4 – 1/3 of the project time for the organization (project management) and the creation of the documentation for a proper (legally correct) implementation. With the Pentest as a Service model, we reduce this time and financial overhead considerably, as we can repeatedly carry out a test phase in an agreed period.
These regular checks improve your IT and create optimized time and priority management through assigned work packages for internal implementation. We would like to explain further differences in the following table.
For whom is penetration testing as a service useful?
This service model is most suitable if you meet one of the following points:
- We require regular penetration tests
- We are legally required to carry out a penetration test
- We lack manpower to act on the findings
How does Pentest as a service work in practice?
In Kritis environments, it is often a framework contract that regulates when which systems should be tested on-site. We work with you to develop a model that suits you, of course, free of charge, anything else would be simply dubious.
For simple design in medium-sized companies or group
Either way – it is a quality service that has to be individual. Therefore, only after meeting and getting to know your needs, we can prepare and give you an insight into how the model can help you.