Frequently Asked Question

Techdefence Labs is another vertical of Advanced Techdefence Private Limited,Started by Sunny Vaghela and team of IT security Professionals focusing on Information Security Serivces & Products

Techdefence Labs currently excels at the following services:

  • Web Application Penetration Testing
  • Network Penetration Testing
  • Source Code Review
  • Mobile App Penetration Testing
A vulnerability assessment is the process of identifying, quantifying, and then prioritizing (or ranking) the vulnerabilities in a system/network/website/application.

A penetration test, or the short form pentest, is an attack on a computer system/network/. with the intention of finding security weaknesses, potentially gaining access to it, its functionality and data.

  • Vulnerability Assessments are designed to yield a prioritized list of vulnerabilities and are generally for clients who already understand they are not where they want to be in terms of security. The customer already knows they have issues and simply need help identifying and prioritizing them.
  • The more issues identified the better, so naturally a white box approach should be embraced when possible. The deliverable for the assessment is, most importantly, a prioritized list of discovered vulnerabilities (and often how to remediate).
  • Penetration Tests are designed to achieve a specific, attacker-simulated goal and should be requested by customers who are already at their desired security posture.
  • The deliverable for a penetration test is a report of how security was breached in order to reach the agreed-upon goal (and often how to remediate).
We’ve tested several applications, our vast experience and commitment to service allows us to support the following industries: Banking, Insurance , Securities Brokerage, Investment Banking , Securities Trading, Investment Management, Securities Analysis, Financial Planning, eCommerce, Payment Gateway, Billing Systems, Pharmaceutical R&D, Pharmaceutical API, Pharmaceutical Drug Delivery, Food Wholesale, Online Gaming, Medical and Healthcare, B2B Software, Chemical R&D, Credit Services, and many more.

Penetration testing should be performed for a variety of reasons. Some of the more common reasons why companies perform penetration tests include

  • Most relevant regulatory standards require penetration tests are performed.
  • Network penetration testing can identify vulnerabilities inadvertently introduced during changes to the environment, such as a major upgrade or system reconfiguration.
  • Web Application testing can be integrated into the QA process of the Software Development Life Cycle to prevent security bugs from entering into production systems.
  • Organizations, especially those acting as data custodians, are being required to have testing performed by their customers. Penetration testing can demonstrate a commitment to security from a customer perspective and provide attestation that their assets or services are being managed securely.
The test can take at least 1-10 days depending upon complexity of application and depth of testing requirements. We always provide clients prior information and schedule test with planning so that there are no hitches when penetration testing takes place.
Although we take every effort to make sure that our penetration testing is not disruptive, there are instances that it can. Sometimes old servers, operating systems, or software driving your applications that hasn’t been properly patched may freeze up during the testing procedure. We always coordinate our efforts according to your schedule and can also accommodate testing after peak hours. It’s always best to have a member of your team to be able to readily access critical servers or infrastructure while the penetration testing is in progress so we can discover and eliminate any weaknesses during the penetration test, rather than ignore the situation and allow a malicious user to gain access and disrupt service.
When a penetration testing provider is hired, the hiring company should expect that every penetration test team includes a dedicated project manager, a skilled and experienced test team, resource coordinator(s), and a point of escalation, At Techdefence Labs, we have team of dedicated professionals who holds certifications like PMP, CEH, ECSA,CISSP,CISA,PCI QSA and PCI PA-QSA and ISO 270001 LA.
Once our penetration test is completed, you should receive a report or deliverable detailing all of the findings, recommendations, and supporting evidence. The deliverable should clearly document the scope and boundaries of the engagement as well as the dates the testing was performed.
The cost for network penetration testing varies greatly. A number of factors are used to determine pricing including, but not limited to the scope of the project, the size of the environment, the quantity of systems, and the frequency of testing. always recommend fixed-fee basis model to eliminate any unexpected costs or unplanned expenditures. The quoted fee will include all labor and required time frame and scope of project.
In this rapidly growing IT industry, nothing is 100% secure and never were. Even Google and Facebook Servers have been hacked many times not because they were not secure but new vulnerabilities have been found and exploited before security professionals patch them. So don't expect guarantee in this area.
Our offerings include OWASP Top 10 2013 and WASC 49 classes depending on business-critical and non-critical apps.
Yes, you can visit our Training Site from here (http://techdefence.com) for more info or send us inquiry directly at support@techdefence.com.
Oops. Got a question we missed? Ask away! support@techdefencelabs.com.