Managed Monthly Penetration Testing Service
INTRODUCTION: What does the Managed Penetration Testing Service provide?
OSI Security provides managed monthly penetration testing, web application security testing and vulnerability assessment services to our customers. This involves repeated hacking attempts on a monthly or quarterly basis over a year (or more) to assess and assure the perimeter security of your organisation’s Internet connected and reachable servers, services and devices.
Like an adversarial hacker, state sponsored or APT (Advanced Persistent Threat), we test your network and systems looking for vulnerabilities that may be exploited to gain access to personal information, intellectual property or compromise the integrity of your business, perpetually over months or years until a weakness is found and unauthorised access is obtained.
Upon detection of a vulnerability, we attempt to abuse it to validate the finding and confirm the actual risk presented to your organisation to eliminate false positives. Every month, at the conclusion of the penetration testing engagement, we send your team an encrypted report which lists all the issues found and suggested remediation action for each problem.
By utilising the same hacking techniques present in the wild, our managed penetration testing service finds and eliminates security holes in your business before a real attacker can abuse it.
BENEFITS
✓ Track issues being fixed (or ignored) by the IT team, each and every month over a year or more
✓ Stay up to date with the latest abused vulnerabilities, such as Heartbleed, GHOST, PHPMailer etc
✓ Flexible and affordable pricing, per IP address or website, grows with the size of your business
✓ Scheduled testing outside of business hours or after development changes are pushed to production
✓ Monthly invoicing allows for effective budgeting, easier cost benefit proposition for purchase approval
✓ Remove the hassle of procuring once off annual penetration testing services or major release retests
✓ No extra cost to retest identified risks to confirm resolution, access to regular advice and alerts
✓ Risk register continually updated, assists with independent auditor reviews, standards & compliance
PRICING FEE & EXAMPLE
We have implemented a flexible elastic fee structure designed to make our enterprise penetration testing services
affordable and accessible to our small and medium business clients:
• $2000 for the first IP address, subdomain name or URL
• $100 per additional target thereafter
All prices are billed per month and exclude the GST component. Examples such as:
• For a single website, the fee would be $2000 invoiced per month @ 12 months = $24,000 per year.
• For a SMB with a website ($2000), staff VPN ($100), email server ($100), and customer portal ($100),
the fee would be $2300 invoiced per month @ 12 months = $26,700 per year ex GST.
• Scales up to 60 IPs ($7,900 per month ex GST). Contact us for our daily rate if you exceed 60 IPs.
If monthly testing is too frequent, unnecessary or expensive for your security needs, we also have other options available.
HOW TO APPLY
Simply enter your organisation’s contact details below, specify the number of IP addresses and/or URLs to be audited (or an estimate). We will be in touch to organise a suitable testing schedule that works for your business.
OSI Security provides managed monthly penetration testing, web application security testing and vulnerability assessment services to our customers. This involves repeated hacking attempts on a monthly or quarterly basis over a year (or more) to assess and assure the perimeter security of your organisation’s Internet connected and reachable servers, services and devices.
Like an adversarial hacker, state sponsored or APT (Advanced Persistent Threat), we test your network and systems looking for vulnerabilities that may be exploited to gain access to personal information, intellectual property or compromise the integrity of your business, perpetually over months or years until a weakness is found and unauthorised access is obtained.
Upon detection of a vulnerability, we attempt to abuse it to validate the finding and confirm the actual risk presented to your organisation to eliminate false positives. Every month, at the conclusion of the penetration testing engagement, we send your team an encrypted report which lists all the issues found and suggested remediation action for each problem.
By utilising the same hacking techniques present in the wild, our managed penetration testing service finds and eliminates security holes in your business before a real attacker can abuse it.
BENEFITS
✓ Track issues being fixed (or ignored) by the IT team, each and every month over a year or more
✓ Stay up to date with the latest abused vulnerabilities, such as Heartbleed, GHOST, PHPMailer etc
✓ Flexible and affordable pricing, per IP address or website, grows with the size of your business
✓ Scheduled testing outside of business hours or after development changes are pushed to production
✓ Monthly invoicing allows for effective budgeting, easier cost benefit proposition for purchase approval
✓ Remove the hassle of procuring once off annual penetration testing services or major release retests
✓ No extra cost to retest identified risks to confirm resolution, access to regular advice and alerts
✓ Risk register continually updated, assists with independent auditor reviews, standards & compliance
PRICING FEE & EXAMPLE
We have implemented a flexible elastic fee structure designed to make our enterprise penetration testing services
affordable and accessible to our small and medium business clients:
• $2000 for the first IP address, subdomain name or URL
• $100 per additional target thereafter
All prices are billed per month and exclude the GST component. Examples such as:
• For a single website, the fee would be $2000 invoiced per month @ 12 months = $24,000 per year.
• For a SMB with a website ($2000), staff VPN ($100), email server ($100), and customer portal ($100),
the fee would be $2300 invoiced per month @ 12 months = $26,700 per year ex GST.
• Scales up to 60 IPs ($7,900 per month ex GST). Contact us for our daily rate if you exceed 60 IPs.
If monthly testing is too frequent, unnecessary or expensive for your security needs, we also have other options available.
HOW TO APPLY
Simply enter your organisation’s contact details below, specify the number of IP addresses and/or URLs to be audited (or an estimate). We will be in touch to organise a suitable testing schedule that works for your business.