You will get professional penetration testing report for your Clients | SOC 2 | PCI-DSS

Attila H.
4.9
Top Rated

Let a pro handle the details

Buy Assessments & Penetration Testing services from Attila, priced and ready to go.

Select service tier

Black box

In a black box penetration test, no information is provided to the tester at all

 • Delivery time: 5 days
 • Cost Estimation

5 days delivery — 21 Sept 2024
Revisions may occur after this date.
Upwork Payment Protection
Fund the project upfront. Attila gets paid once you are satisfied with the work.

Project details

Professional penetration testing helps identify and address any shortcomings or vulnerabilities of your web or mobile application. The service provided will satisfy the requirements of clients or auditors (SOC 2, PCI-DSS, ISO 27001, HIPAA, etc.).

The testing is conducted by US-based and international team members with the following certifications:
 • Certified Information Systems Security Professional (CISSP)
 • Certified Information Systems Auditor (CISA)
 • Certified Ethical Hacker (CEH)

The testing methodology is based on the OWASP Web and Mobile Application Security Testing Guidelines and other international standards and frameworks, including NIST SP 800-115, PCI-DSS requirements, and the Open Source Security Testing Methodology Manual. The rules of engagement will be defined during the scoping call.

Deliverables
 • Executive summary of key findings with attestation letter
 • Full findings report with criticality based on industry standards (CVE)
 • Recommendations for remediation and/or mitigating controls to implement
 • Artifacts collected during the test

The reports are always created manually (not copy+paste from scanning tools) with letter-headed formatting.

Cybersecurity Assessment Type: Penetration Testing
Cybersecurity Expertise: Data Protection, Audit, Risk Assessment
Technology Type: Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, Email System, ERP, Mobile Device, PaaS
Cybersecurity Regulation: ISO, HIPAA, NIST Cybersecurity Framework, PCI DSS, SOC 2

What's included

Service tiers | Starter | Standard | Advanced
Price | US$1,500 | US$3,000 | US$5,000
Delivery time | 5 days | 10 days | 20 days
Application Audit | - | - | -
Project Plan | - | - | -
Cost Estimation | | |

Optional add-ons
 • Mobile application testing: +US$2,000

4.9
194 reviews
Rating breakdown
 • Availability: 4.9
 • Deadlines: 4.9
 • Skills: 5.0
 • Cooperation: 5.0
 • Quality: 4.9
 • Communication: 5.0

Devin D.
2.80
10 Sept 2024
Drata tasks for SOC 2 and ISO 27001 certification

Aaron F.
5.00
10 Sept 2024
vCISO service
Attila and his team delivered excellent security and compliance services. They made it easy for us to keep on track with our ISO 27001 certification maintenance and helped to answer client questionnaires, enabling us to score new clients. In addition, they have updated our ISMS with NIST 800-171 requirements on our road to CMMC compliance.

Farid G.
5.00
2 Sept 2024
30 minute consultation

Christian B.
5.00
2 Sept 2024
ISO 27001 certification and vCISO service
Attila delivered outstanding work, guiding us through the entire process of achieving our ISO 27001 certification for two companies. His expertise, attention to detail, and commitment were evident at every step. He provided clear, actionable advice, ensuring we met all requirements with confidence. Highly recommended for anyone seeking top-notch support in cybersecurity and compliance. 10/10!

Mohammed S.
4.70
25 Jul 2024
Cybersecurity Code Review and Compliance Audit for IOS App

About Attila

Attila H.
Senior Security & Compliance expert | SOC 2|vCISO|GDPR|Vanta|Drata
100% Job Success
4.9  (194 reviews)
Dublin, Ireland
Let me help you unlock business opportunities and growth (💲millions) and sell to the likes of Disney, Pfizer, Uber, Siemens, Google, PWC, and so on. In the B2B space, you need Security, Privacy, and Compliance to sell to Enterprises! You focus on the business, and I'll take care of security, privacy, and compliance.

Sleep well overnight because you know you are in good hands with the 🥇 Upwork virtual CISO, Security, Privacy, and Compliance consultant (1M+ earnings, 20+ years of enterprise experience)!

CEO selling to Morgan Stanley: 🥂"The certification is enabling us to strike a deal with a Fortune 100 client."
CEO selling to Philips: 🍾 "We have achieved the ISO 27001:2022 certification in record time."
CEO selling to Pepsi:🎉 "Attila supported the growth of our business into Fortune 100 accounts."
COO selling to Fannie Mae:👏 "We achieved a successful SOC 2 Type II attestation with no exception."

💭Securing your business, passing security assessments by clients or prospects, and achieving a security certification should not be a cumbersome and painful exercise. 👌 All you need to do is ping me on Upwork, bring your problem, and after a 15-minute scoping call, I will provide you with a detailed Scope of Work.

Specialized in business-to-business clients, providing 💸money-back guaranteed💸 ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, CMMC, and FedRAMP projects and affordable virtual CISO (vCISO) services. ----> If you don’t get certified, all my fees will be refunded! <----

We are a good match if you are:

😢Busy developing your product or business and don’t have time and resources to be consumed by compliance efforts and endless meetings, halting your production for months
🤔Already purchased a DIY compliance tool (Drata, Vanta, Thoropass/HeyLaika, Sprinto, Tugboat Logic, SecureFrame, Strike Graph, Audit Board, Trust Cloud, and so on) but don’t know the next step or don’t have time.
😢Do you quickly need security or privacy awareness training, cloud security posture assessment (AWS, GCP, Azure), endpoint security (MS 365 - Intune, Jumpcloud, Google Workspace), or penetration testing?
💪Want to decrease your sales cycle by being compliant and having all the answers for the security and privacy questionnaires?
💪Facing challenges with the security and privacy implications of AI products?
💪Want continuous access to a certified, creditable security, compliance, and privacy professional to manage your security framework? -> Continuous virtual CISO (vCISO / fractional CISO) service with affordable weekly payments!
😟Need world-class, battle-proof security and privacy policies, and need them quickly? The kind that have passed audits by KPMG, Deloitte, E&Y, Pepsi, Uber, Verizon, Philips, Facebook, and many others.
💪You want problems to be solved by the BEST

Working with me, you will:
● Stop struggling with compliance requirements, security questionnaires, or useless document templates.
● Make the first steps on the journey to selling to Enterprises
● Receive turnkey, Enterprise-grade security operation framework ensuring long-term effectiveness
● Work with an experienced senior team (architects, pen testers, endpoint engineers, developers, auditors, consultants) that regularly helps clients score Enterprise accounts.

My stats are:
✅Saved tens of thousands $$$$$ for clients, advising them on the right security tools, solutions, and approach
✅#1 in Information Security and IT compliance categories (1M+ earned)
✅Supporting all time zones
✅Long-term engagements
✅Professional certifications (CISA, CISSP, ISO 27001 IA)

About the Security Consultants team:
QUALITY over QUANTITY is our ethos. Excellent quality, on time, always. We only take on projects when we can deliver outstanding results. The team consists of (only) senior experts in AWS, Azure, GCP DevOps, SecOps, Penetration testing, Google Workspace, MS 365 Intune, AppSec, auditing, and compliance.
Professional Integrity: We are strongly committed to moral and ethical principles and values, such as honesty, honor, responsibility, trustworthiness, and objectivity.

What we look for in a new client:
● Open-minded, relaxed attitude
● Values integrity & long-term relationships
● Willing to accept advice and guidance (security is a complex niche)

Security questionnaire and vendor assessment tools:
CyberGRX, Panorays, KY3P (S&P, PWC), RSM, CyberVadis, SIG, SIG Lite, CAIQ, VAS, HECVAT, OneTrust, Graphite Connect, Centrl, Whistic, Process Unity

Security/Compliance frameworks: ISO 27001, SOC 2, FedRAMP, NIST 800-53, NIST 800-171, NIST CSF, TISAX, HIPAA, HITRUST CSF, GDPR, NERC, ISO 27017, ISO 27018, CMMC, CMMI, TX-RAMP, StateRAMP, AZ-RAMP, NY DFS 23 / NYCRR Part 500, PCI-DSS, FFIEC, C5, ENISA, Center of Information Security (CIS) CSAT, IRAP, PIPEDA, ISO 42001

Steps for completing your project

After purchasing the project, send requirements so Attila can start the project.

Delivery time starts when Attila receives requirements from you.

Attila works on your project following the steps below.

Revisions may occur after the delivery date.

Scoping call and demo

To understand the application and properly define the scope of the assessment, we require you to join a 30-minute call to demo the application and clarify the rules of engagement (testing period, targets, limitations, etc.).

Review the work, release payment and leave feedback for Attila.