There are a number of certifications available for pentesters, but the OSCP certification stands above them all as a rigorous and thorough vetting of a pentester's ability. All of Zanarkand's pentesters are required to at least have their OSCP certifcation before they can do any work for a customer, and are encouraged to obtain more certifications as their experience grows.
As part of the pentesting process, we will work with you to determine the systems that need to be tested, as well as the methods employed. Whether you are looking for a black box pentest of your entire network or a white box test of your development servers, we can accomodate it—just contact us for a free consultation.
Pentesting Engagements can vary greatly in scope and depend heavily upon the amount of information supplied up front as well as the amount of information and attack vectors requested. The pricing below is supplied to give a point of reference only and all quotes are custom designed to meet the needs of our customers.
|External Test||$150 / IP Address||This test is similar to an initial attack from the outside of your organization.|
|Internal Test||$150 / IP Address||A test of your company's security from inside your organization's infrastructure.|
|Web Application Testing||$250 / Website||A test of your company's web applications.|
|Wireless Network Testing||$200 / Access Point||A test of your company's wireless technologies.|
|Social Engineering||Due to the broad scope of social engineering vectors, we cannot give a baseline price.|
Though times are changing, and the public is becoming more educated in cyber-security, much of its language and terminology is obtuse or inaccessible. Because we want to have more informed, open conversations with the community, we've provided a small list of terms below to help clarify what we do.
|Pentest||A test of a system's security through exploits, social engineering, and hacking.|
|Exploit||A vulnerability in a program, protocol, or system that allows access, information, or control.|
|White Box||A pentest where the pentester has full knowledge of the network and targets ahead of time.|
|Grey Box||A pentest where the pentester has limited knowledge of the network and targets.|
|Black Box||A pentest where the pentester has no knowledge of the network and targets.|
|Social Engineering||The pentester attempts to gain information and access through psychological techniques.|
© Zanarkand LLC, except for things like the icons, which are © their respective owners. Also, original site design is by Templated.
Have a nice day!