Engagement Types
Choose Your Testing Approach
The right engagement depends on what you are trying to simulate. Most compliance-driven tests use Grey Box. Red Team engagements are for organisations that want to test their detection and response, not just their defences.
| Type | What It Simulates |
|---|---|
| Black Box | External attacker with no prior knowledge — the most realistic external threat scenario |
| Grey Box | Authenticated user or insider — simulates compromised credentials or a malicious employee |
| White Box | Full access to source code and architecture — maximum coverage, minimum wasted time |
| Red Team | Full adversary simulation — tests people, process, and technology with no scope limits |
| Purple Team | Red team attacks while your blue team defends simultaneously — detection gaps closed in real time |
Not sure which approach fits your environment?
Book a free scoping call and we will recommend the right engagement →Engagement Scope
What We Test
Web Application Testing
OWASP Top 10 and beyond. SQL injection, broken authentication, business logic flaws, and cross-site scripting. Every finding includes a CVSS score and dev-ready remediation steps.
API Security Testing
REST, GraphQL, and SOAP. Broken object-level authorisation, mass assignment, excessive data exposure. API vulnerabilities are the most exploited class in modern breaches.
Mobile App Testing
Android and iOS. We reverse-engineer the app, test local data storage, intercept API traffic, and assess authentication against OWASP MASVS.
Network Penetration Testing
Internal, external, and wireless. We map your full attack surface and try to reach your most sensitive systems: domain controllers, payment environments, critical databases.
Active Directory Testing
Kerberoasting, Pass-the-Hash, DCSync, and Golden Ticket attacks using BloodHound, Mimikatz, and Impacket. You get a prioritised remediation list, not a tool output dump.
OT / ICS Penetration Testing
SCADA, PLCs, HMIs, and the IT/OT boundary using methodology designed for environments where disruption is unacceptable. All steps coordinated with your operations team first.
Red Team Operations
Phishing, physical access, social engineering, and network exploitation combined. Tests whether your people, processes, and technology can detect and respond to a real attack.
Purple Team Exercises
Red team attacks while your blue team defends in real time. Detection gaps identified and closed during the engagement, not in a debrief weeks later.
Ready to start?
Scope an engagement. Fixed-fee proposal within 3 to 5 business days.
Timelines
How Long It Takes
| Engagement | Typical Duration |
|---|---|
| Web Application Test | 5 to 10 days |
| Mobile Application Test | 5 to 7 days |
| API Security Assessment | 3 to 5 days |
| Network Test (Internal + External) | 7 to 14 days |
| Active Directory Assessment | 5 to 7 days |
| OT / ICS Assessment | 10 to 15 days |
| Red Team Engagement | 3 to 6 weeks |
Deliverables
What You Receive
Every engagement produces two documents. Draft delivered within five business days of testing completion. We present findings to your team directly — we do not send a PDF and go quiet.
Document 01
Technical Report
Full finding register with CVSS scores, exploitation evidence, attack narrative, and step-by-step remediation for every vulnerability. Written for your security and development teams.
Document 02
Executive Summary
Risk in plain language, top findings ranked by business impact, and a prioritised remediation roadmap. Written for your CTO, CISO, or board. Free of jargon.
Compliance
Why You Are Required to Test
Requirement 11.4 mandates annual penetration testing of cardholder data environments. Our reports provide exactly what your QSA requires.
Annex A.8.8 requires technical vulnerability management. Penetration testing is the primary mechanism to satisfy this control.
The State Bank requires periodic penetration testing of network and application layers. We produce SBP-ready reporting.
Applies to telecoms and licensed service providers operating under PTA authority.
Need a compliance-ready penetration test report for your QSA or auditor?
Get a fixed-fee proposal →FAQ
Common Questions
Still have questions?
Talk to our team before you commit. No obligation, no sales pitch.
