Young hacker smiling

Comparative

Our Ethical Hacking and Pentesting services seek to find and report all the present security vulnerabilities in your application. It is important to distinguish between the different services we offer in order to select the service that fits your needs. To this end we present the following table:

Table 1. Comparison between Continuous and One Shot Hacking services.

Aspects

Continuous Hacking

One Shot Hacking

Attack Cycles

Multiples 1.

Only 1 1.

Remediation Support

yes 2

no 2

Average duration

Between 12 and 36 months 3.

Between 1 and 4 months 3.

Multiple hackers

yes During all the service, at least 5 hackers attack your system.

info At least 2 hackers attack your system.

Face-to-face delivery

info All information deliveries are made via Integrates 4.

yes Results socialization meetings:

  • 1 Virtual validation meeting 4.

  • 1 Face-to-face meeting of final results socialization 5.

Detection time

yes Early

  • Vulnerabilities are detected near the time the programmer injects them.

info Late

  • Vulnerabilities are detected when the system is close to production.

Alerting

yes Continuous alerting system via email to the project leaders about open vulnerabilities 5.

info No alerting system, only final reports.

Vision

yes Information about your system security up to date.

info Information about your system security in a moment of time.

Coverage

yes 100% when:

  • We start simultaneously with production.

  • We make an up to date hacking at the beginning.

  • Hacking does not stop during development stage.

  • Code does not change more than 10K deltas/monthCode change measure, given by the number of lines added or removed from the first day of the month until the last day of the month, with compared to the previous month. 6.

info Agreed at the beginning of the test 6.

Windows

yes In the Continuous Hacking service environments:

  • Can constantly change.

  • Not necessarily are frozen.

  • Windows are not required for hacking.

info Frozen environments and test windows are required.

Infection

no Environments are not infected with cyberweapons.

yes Work stations and critical servers are infected with our custom cyberweapon Commands 7

Remediation ratio

yes Maximum of 100% of reported vulnerabilities.

yes Up to 80% of reported vulnerabilities.

Location

Always remote.

Remote or on premises.

Time to remediate

yes 2 or 3 weeks.

info 3 or 4 months.

Payment

Monthly payment.

1 or 2 payments.


Service status - Terms of Use