GuidePoint Security announced the availability of its Penetration Testing as a Service offering, which combines traditional testing with recurring, automated testing and continuous reporting.
While
traditional, point-in-time penetration testing is an important
component of an overall security program that will deliver deeper
results, they are typically narrower in scope due to the necessary
skills required to carry out such a test. With this complementary
automated penetration testing offering, GuidePoint can help
organizations ensure the security of their networks and applications as
new vulnerabilities are released every day, by rapidly and continuously
identifying vulnerabilities.
"Together,
automated and traditional penetration testing really deliver the best
results possible," said Victor Wieczorek, VP of Application Security and
Threat and Attack Simulation. "As automated results are delivered
throughout the year, our customers can remediate critical
vulnerabilities in real-time. Additionally, when it's relevant to
conduct a traditional penetration test, we will already have a good idea
of the areas that may need to be retested or probed deeper. With our
Penetration Testing as a Service, our customers will gain actionable
results in real time through the rapid identification, exploitation,
reporting and remediation of vulnerabilities across their organization
as they arise."
GuidePoint's Penetration Testing as a Service provides:
- Automated
tooling to enable rapid penetration testing to find and exploit
vulnerabilities, paired with expert penetration testers to audit and
validate results
- The
ability to ingest and leverage newly discovered exploits for rapid
testing across the environment to identify new vulnerabilities as
quickly as possible
- Immediate results for customers to take action on and remediate vulnerabilities as they are discovered
This
offering rounds out a complete portfolio of threat and attack
simulation services that GuidePoint Security provides, including: traditional penetration testing, cloud penetration testing, purple teaming, red teaming and social engineering.