Discover our main packages:
If you have OT equipment (Scada) or other special needs, we'll work with you to determine the best approach.
Depending on the asset to be tested and the underlying need. Of course, we can adapt to your reality. For example, if you already have a vulnerability scanning tool, we think you will really value our Bring your own scanner concept 😉
📌 We would like to emphasize that we do not consider our smallest package as the Cheap option and the most complete package as the Cadillac option. The best package is the one that best suits your needs, that's it. You can count on us to guide you to the best choice(c.f. our no bullshit policy 🤓).The most effective way to determine the best strategy is to have a talk. For that, nothing could be easier, you can choose a schedule that suits you here.
You will get the list of identified vulnerabilities, their level of criticality in order to prioritize patches and recommendations that will allow you to improve your security posture.
We simulate a hacking attempt. We use the same techniques and tools as a real hacker with realistic scenarios depending on the situation.
Our penetration tests comply with the methodologies required to obtain TGV, PCI DSS, ISO 27001 or SOC 2 Type II. certification. They are based on the guidelines and practices recommended by OWASP and Offensive Security.
(retest to validate the patches in option)
This report, also presented in a meeting, explains how your system was compromised and how to correct the situation (in a realistic manner adapted to your business reality).
This report is more like a one pager that gives you a summary of the situation so that you have a formal document attesting that you have carried out the test and what the result is.
Ideal to present to your board of directors, your customers or investors.
2h block with us following the intrusion test to brainstorm on the implementation of recommendations.
Assessing the security level of your system is good. Improving it afterwards is better. To help you get started, we rent you the brain of a hacker for 2h to help you create your game plan.
You will get the list of identified vulnerabilities, their level of criticality in order to prioritize patches and recommendations that will allow you to improve your security posture.
Only for your internal network
We simulate a hacking attempt. We use the same techniques and tools as a real hacker with realistic scenarios depending on the situation.
Our penetration tests comply with the methodologies required to obtain TGV, PCI DSS, ISO 27001 or SOC 2 Type II. certification. They are based on the guidelines and practices recommended by OWASP and Offensive Security.
(retest to validate the patches in option)
Your dedicated online platform for reporting on the list of vulnerabilities and flaws identified during the penetration test
Excels and PDFs are convenient, but being able to manage your vulnerabilities and recommendations directly online is a step up in terms of experience. Your report will be delivered right to your platform (with the export button of course 😉 ).
Presentation of the results of the penetration test and the scan
In a meeting, we explain how we managed to compromise your system and how to correct the situation (in a realistic way and adapted to your business reality) while helping you to take control of the platform.
This report is more like a one pager that gives you a summary of the situation so that you have a formal document attesting that you have carried out the test and what the result is.
Ideal to present to your board of directors, your customers or investors.
1 4h block with us following the penetration test to brainstorm on the implementation of recommendations
Assessing the security level of your system is good. Improving it afterwards is better. To help you get started, we rent you the brain of a hacker for 4h to help you create your game plan.
For 12 months with access to the console
Complimentary - maximum 5
New vulnerabilities are discovered every day and your public IP addresses are particularly at risk. With continuous scanning, you will always be aware of new vulnerabilities AND you will be autonomous since you have direct access to the console.
Bonus: The scanning tool synchronizes directly to your platform so you can centralize all the information.
2h with us after each test to brainstorm on the implementation of recommendations
Assessing the security level of your system is good. Improving it afterwards is better. To help you get started, we rent you the brain of a hacker for 2h after each test to help you adopt the best security strategies.
We simulate a hacking attempt. We use the same techniques and tools as a real hacker with realistic scenarios depending on the situation.
Our penetration tests comply with the methodologies required to obtain TGV, PCI DSS, ISO 27001 or SOC 2 Type II. certification. They are based on the guidelines and practices recommended by OWASP and Offensive Security.
(retest to validate the patches in option)
Whether you make a lot of changes to your API or just need peace of mind, this solution is for you. After the first main penetration test, we retest portions of your API at regular intervals (every month, every quarter, it's up to you). We are talking about tests performed by humans and not automated scans.
Your dedicated online platform for reporting on the list of vulnerabilities and flaws identified during the penetration test
Excels and PDFs are convenient, but being able to manage your vulnerabilities and recommendations directly online is a step up in terms of experience. Your report will be delivered right to your platform (with the export button of course 😉 ).
You will be able to see the list of your flaws fluctuate throughout the tests: fixed flaws disappear and new ones are added. You will be able to manage them in real time.
In a meeting, we explain how we managed to compromise your system and how to correct the situation (in a realistic way and adapted to your business reality) while helping you to take control of the platform.
This report is more like a one pager that gives you a summary of the situation so that you have a formal document attesting that you have carried out the test and what the result is. Ideal to present to your board of directors, your customers or investors.
For 12 months with access to the console
Complimentary - maximum 5
New vulnerabilities are discovered every day and your IP addresses are particularly at risk. The results of recurring scans are integrated into the platform, so you have all the information in one place (API vulnerabilities identified during penetration testing and public IP vulnerabilities identified by scans).
Our vulnerability scanning tool for 12 months (automated)
You will have in hand a vulnerability scanning tool for your internal network. You will be totally independent to identify your vulnerabilities. You will discover them with their level of criticality to prioritize patches. The recommendations included will allow you to improve your security posture.
We simulate a hacking attempt. We use the same techniques and tools as a real hacker with realistic scenarios depending on the situation.
Our penetration tests comply with the methodologies required to obtain TGV, PCI DSS, ISO 27001 or SOC 2 Type II. certification. They are based on the guidelines and practices recommended by OWASP and Offensive Security.
Whether you have made significant changes to a part of your network or just want to test another scenario, this test is perfect for you. We're talking about tests performed by humans, not automated scans.
Your dedicated online platform for reporting on the list of vulnerabilities and flaws identified during the penetration test
The scan tool synchronizes directly with this platform so that you can centralize all information.
You will already have access to your list of vulnerabilities with the scan tool. In addition, this 2nd platform improves the management, display and communication of these vulnerabilities. You will also have access to remediation plans with the ability to prioritize according to your business reality. Not to mention the results of your pentest (and other tests if applicable).
No more reports scattered between PDFs and excels, you will have everything in one place.
In a meeting, we explain how we managed to compromise your system and how to correct the situation (in a realistic way and adapted to your business reality) while helping you to take control of the platform.
This report is more like a one pager that gives you a summary of the situation so that you have a formal document attesting that you have carried out the test and what the result is.
Ideal to present to your board of directors, your customers or investors.
2h with us each month to brainstorm on the implementation of recommendations
Assessing the security level of your system is good. Improving it afterwards is better. To help you get started, we rent you a hacker's brain for 2h a month to help you adopt the best security strategies.
For 12 months with access to the console
Complimentary - Maximum 5
New vulnerabilities are discovered every day and your IP addresses are particularly at risk. In addition to scanning your internal network, we add your IP addresses exposed on the Internet.
There are plenty of free tools that will change your life and make you more independent. We'll be happy to share them with you and teach you how to use them.
You think you have been a victim of an attack?
Call us first:
we assess the situation with you
we set up the War Room
we contact the right players
Our vulnerability scanning tool for 12 months (automated)
You will have in hand a vulnerability scanning tool for your internal network. You will be totally independent to identify your vulnerabilities. You will discover them with their level of criticality to prioritize patches. The recommendations included will allow you to improve your security posture.
We simulate a hacking attempt. We use the same techniques and tools as a real hacker with realistic scenarios depending on the situation.
Whether you have made significant changes to a part of your network or just want to test another scenario, this test is perfect for you. We're talking about tests performed by humans, not automated scans.
Your dedicated online platform for reporting on the list of vulnerabilities and flaws identified during the penetration test
The scan tool synchronizes directly with this platform so that you can centralize all information.
You will already have access to your list of vulnerabilities with the scan tool. In addition, this 2nd platform improves the management, display and communication of these vulnerabilities. You will also have access to remediation plans with the ability to prioritize according to your business reality. Not to mention the results of your pentest (and other tests if applicable).
No more reports scattered between PDFs and excels, you will have everything in one place.
In a meeting, we explain how we managed to compromise your system and how to correct the situation (in a realistic way and adapted to your business reality) while helping you to take control of the platform.
This report is more like a one pager that gives you a summary of the situation so that you have a formal document attesting that you have carried out the test and what the result is.
Ideal to present to your board of directors, your customers or investors.
2h with us each month to brainstorm on the implementation of recommendations
Assessing the security level of your system is good. Improving it afterwards is better. To help you get started, we rent you a hacker's brain for 2h a month to help you adopt the best security strategies.
For 12 months with access to the console
Complimentary - Maximum 5
New vulnerabilities are discovered every day and your IP addresses are particularly at risk. In addition to scanning your internal network, we add your IP addresses exposed on the Internet.
There are plenty of free tools that will change your life and make you more independent. We'll be happy to share them with you and teach you how to use them.
Usually, you have implemented backup solutions for your data. But have you estimated the time required to reconfigure your entire Active Directory if you had to? We're stealing the punch, but it's a MUST-have.
You think you have been a victim of an attack?
Call us first:
we assess the situation with you
we set up the War Room
we contact the right players
With all our packages, we can add testing of your public IP addresses.
Whether we collaborate year-round or for a one-time project, you will feel like you belong to our team ( this is not coming from us as a comment 🤓 ).
No client/vendor here, just humans working together to find solutions that make sense.
We can't wait to talk solutions with you ;)
You already have a tool in place to scan your vulnerabilities? Good job. At your request, we can validate whether this is a good solution for your company. In any case, we will not charge you twice for the same service. If your tool is compatible, we'll even connect it to our reporting platform so you have everything in one place ☺
Besides our optional offer on Semperis products, we will never recommend a product to make a cut. We certainly have preferences like 1password or Cloudflare, but we also know when these solutions are not viable in your context. In those cases, we'll bring you more suitable alternatives.
Likewise, we will gladly refer you to other companies for ISO27001 assessments or awareness training, for example, but we only make the connection. When possible, we will even offer you several alternatives.
A good example of our approach is the bring your own scanner policy; we obviously had to choose a tool that was adapted to our needs and those of our clients. That being said, we don't really like the idea of forcing you to adopt our tool and even less the idea of making you pay the same service twice 😉
