Citadelo now offers penetration tests as "Hacking-as-a-Service" (HaaS). With the hacker subscription, the cyber security specialist wants to ensure more cyber security and IT stability in companies across Europe by detecting weak points several times a year.
In Citadelo's experience, only a fraction of the organizations in the DACH region conduct security checks at all. And if so, then usually only once a year - often in the fourth quarter. "We at Citadelo believe that this approach is a methodological error," explains Mateo Meier, member of the Citadelo Executive Board. “Hackers try to gain access to corporate assets and infrastructure at any time of year, over and over again. This makes it all the more important to test applications, websites and infrastructure in shorter cycles and more frequently.”
The shorter the test cycles and the closer the test pattern, the sooner serious security gaps may be noticed, and weak points can be closed more quickly. "In this way, an unwanted outflow of intellectual property and other sensitive data can be prevented or stopped earlier, a cyber attack can be avoided or its extent limited," Meier continues.
Provide as few attacking flanks as possible
The Citadelo hacking subscription can be booked as a basic, premium or professional version. High-risk results are reported immediately in all variants, the Pro version also includes an incident response in case an ongoing attack is detected and requires immediate action. A certified project manager (PRINCE2 certification, April 3.4.2017, XNUMX) is responsible for the project, communication and implementation of the penetration tests.
In terms of content, the scope goes beyond the nominal designation of the hacking subscription and, in addition to pen tests of cloud applications, mobile and infrastructures, also includes source code reviews, services in the context of industrial IT security, red and blue teaming as well as IT security checks and/or IT security consultations.
On average 10 vulnerabilities per test
“With hacking-as-a-service, organizations can be sure that their systems are always up to date and that they offer cybercriminals as few attack vectors as possible. This increases their resilience to cyber attacks,” says Meier. In the last year alone, the Citadelo team conducted 276 penetration tests, finding and patching 2677 vulnerabilities. There were an average of 9,5 vulnerabilities in different categories per project – i.e. almost 10 opportunities per project to compromise a company.
More at Citadelo.com
About Citadelo
Citadelo, an ethical hacking company, is one of the fastest growing cybersecurity companies in Europe. To date, Citadelo, with around 30 employees, has implemented more than 1000 projects in the field of cybersecurity & ethical hacking and can refer to more than 100 customers, including Fortune 500 companies, including those in the critical infrastructure sector.