Punk Security is a CREST accredited company, that uses only UK based penetration testers.

We deliver high-quality, detailed testing with a clear and actionable report and debrief. Follow-up support is also provided, and thanks to our team's specialist DevSecOps skills, we are also able to provide more in-depth development support if required.

What's Involved?

Vulnerability assessment

Following an initial scoping call to establish the scope of the test, we assess your application for technical vulnerabilities and logic flaws. Can one user access the data of another or perform administrative actions?

Infrastructure assessment

Where and how your web application is hosted matters, and as part of the test we will review your configuration to ensure your application, and your users, are protected.

Source Code review

As our web application pentesters are all from development backgrounds, we are able to offer a source code review as standard with all web application pentests. This is offered at no extra cost and provides huge value for our customers. Our experienced developers are able to identify additional vulnerabilities within the code and poor coding practice.

Comprehensive Reporting

Following the test, you will receive a comprehensive, actionable report with findings tailored to your environment and context. This will be delivered during a debrief session led by the testers who delivered your assessment and is a great opportunity to ask any questions you may have. 
 

Communication

Our team will maintain an open communication channel throughout the assessment, which you can use to raise any questions you may have during the test. Our team will also use this to communicate important information, or indeed, if we find anything critical that requires immediate attention. 

Complementary Retest

All tests include a complimentary retest against all findings as standard. This is a fantastic opportunity to verify the success of any remediation efforts.