You will get a penetration test executed by an Offensive Security Certified Expert
Andrei R.
You will get a penetration test executed by an Offensive Security Certified Expert
Andrei R.
Project details
I am a certified Offensive Security Professional 3 with various industry certifications and over 15 years of software engineering and cybersecurity experience in various Fortune 500 companies. I've executed hundreds of security audits and related cybersecurity activities.
I will execute a penetration test that uncovers vulnerabilities, weaknesses and misconfigurations in your website, network infrastructure, and applications. I'll provide you with a professional report containing the description of found issues, as well as their severity and advice on how to implement mitigations and improve the security stance of your assets.
What tier should I choose?
Basic - basic audit, limited to 10 hours of manual testing. Works well for websites having a small number of mostly static pages ( < 5 ).
Standard - standard penetration test based on OWASP Top 10
Advanced - thorough penetration test based on OWASP ASVS Level 1
I will execute a penetration test that uncovers vulnerabilities, weaknesses and misconfigurations in your website, network infrastructure, and applications. I'll provide you with a professional report containing the description of found issues, as well as their severity and advice on how to implement mitigations and improve the security stance of your assets.
What tier should I choose?
Basic - basic audit, limited to 10 hours of manual testing. Works well for websites having a small number of mostly static pages ( < 5 ).
Standard - standard penetration test based on OWASP Top 10
Advanced - thorough penetration test based on OWASP ASVS Level 1
Cybersecurity Assessment Type
Penetration TestingCybersecurity Expertise
Audit, Risk Assessment, Gap AnalysisTechnology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, Email System, ERP, Mobile Device, PaaSCybersecurity Regulation
NIST Cybersecurity Framework, PCI DSS, SOC 2What's included
Service Tiers |
Starter
$499
|
Standard
$999
|
Advanced
$1,899
|
---|---|---|---|
Delivery Time | 3 days | 5 days | 7 days |
Application Audit | |||
Project Plan | - | ||
Cost Estimation |
Frequently asked questions
About Andrei
Offensive Application Security Expert, Pentester & Software Engineer
Bucharest, Romania - 5:45 am local time
Services:
- Network/Web App/Cloud/Mobile/Firmware Penetration Testing
- White/Grey-box code audit
- Threat Modelling
- Application Security Program Management
- AppSec/Infosec Policy Definition & Implementation
- Phishing Simulations
- DevSecOps automation
- Security Training
Industry certifications:
- Offensive Security Certified Expert 3
- Offensive Security Experienced Penetration Tester
- Offensive Security Exploit Developer
- Offensive Security Web Expert
- Offensive Security Certified Professional
- CompTIA Advanced Security Practitioner
My expertise:
- Experience in Penetration Testing: Network, Web/Desktop/Mobile Application & IoT
- Threat Modelling & Security Architecture
- Experience securing the SDLC: DevSecOps practices, Security Tooling (SAST, DAST, SCA, etc)
- Writing Application Security & InfoSec policies
- Application Security Program Management
- Trainer: given workshops in offensive & defensive security, following industry standards and best practices (OWASP, NIST)
- Vulnerability Management
- Cryptography: certificates, PKI, TLS, encryption
- Experience with AWS
- Senior Java Developer. Developed apps with .NET, Python, C, C++, NodeJS, Golang. Familiar with scripting languages like bash and powershell. Able to adapt to most languages.
- Linux/Mac/Windows/Windows Server/FreeBSD/AIX/ESXi experience
Steps for completing your project
After purchasing the project, send requirements so Andrei can start the project.
Delivery time starts when Andrei receives requirements from you.
Andrei works on your project following the steps below.
Revisions may occur after the delivery date.
Pre-engagement Meeting
We will discuss scope, details about the target infrastructure, security mechanisms, known issues, etc.
Statement of Work
Confirm the Statement of Work document, scope, and assure we have identified and fulfilled all prerequisites.