You will get a Professional Penetration Testing Report for Web and Mobile Apps
You will get a Professional Penetration Testing Report for Web and Mobile Apps
Project details
I will test your infrastructure (Website, SAAS applications, mobile applications, network, databases) whether IT or OT and try to break through it. Most of the work is done manually, but I use some automated techniques as well. At the end of the project I will provide you with a detailed penetration test report stating how secure your infrastructure is , Description of the vulnerability , Proof of Concept , and Remediation .
Cybersecurity Assessment Type
Penetration TestingCybersecurity Expertise
Cyber Threat Intelligence, Risk AssessmentTechnology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, Email System, ERP, Mobile DeviceCybersecurity Regulation
CMMC, ISO, NIST Cybersecurity Framework, PCI DSS, SOC 2What's included $1,000
These options are included with the project scope.
$1,000
- Delivery Time 10 days
- Application Audit
- Project Plan
13 reviews
(13)
(0)
(0)
(0)
(0)
This project doesn't have any reviews.
MM
Matthew M.
Aug 19, 2024
ISO27001 consultant
Without a doubt, this has been my best UpWork experience.
Moe has been imperative to our organization's ISO27001 journey, which has been a drawn-out process (due to delays on our side). He was able to work autonomously, provided clear guidance after his gap analysis, was timely in his responses and information - always adhering to optimistic deadlines set by us. His knowledge of the standard made it seem effortless. He was able to liaise with staff and make sure they adhered to the standard, coach us on the process prior to our audit, and work with us remotely over the course of 3 days with the external auditor to ensure we covered the standard.
Moe helped us achieve ISO27001 certification led by an independent audit conducted by a big 4 consulting company on our first attempt, with only 1 non-conformance which he supported with a timely remediation plan.
We look forward to continuing to work with Moe.
Moe has been imperative to our organization's ISO27001 journey, which has been a drawn-out process (due to delays on our side). He was able to work autonomously, provided clear guidance after his gap analysis, was timely in his responses and information - always adhering to optimistic deadlines set by us. His knowledge of the standard made it seem effortless. He was able to liaise with staff and make sure they adhered to the standard, coach us on the process prior to our audit, and work with us remotely over the course of 3 days with the external auditor to ensure we covered the standard.
Moe helped us achieve ISO27001 certification led by an independent audit conducted by a big 4 consulting company on our first attempt, with only 1 non-conformance which he supported with a timely remediation plan.
We look forward to continuing to work with Moe.
AP
Alesha P.
Aug 19, 2022
PCI Compliance Expert Needed
Moe was really responsive and gave a thorough analysis of the project needs!
RM
Ross M.
Jun 2, 2022
Information Security Documentation Toolkits
Excellent communication. Fair pricing. High quality work.
MM
Matthew M.
May 24, 2022
Implementing NIST standard
Mohammad was extremely knowledgeable, punctual, and delivered beyond expectation. Would highly recommend him and will definitely be engaging him for future projects.
MA
Mousa A.
Apr 21, 2022
Cybersecurity (CS) Standard (SACS-002)
Great freelancer! Good work, quick turnaround time and work was top quality.
I enjoyed working with Mohammad and will likely have additional jobs for him in the future.
I enjoyed working with Mohammad and will likely have additional jobs for him in the future.
About Mohammad
Cyber Security Compliance Consultant
Dubai, United Arab Emirates - 1:10 pm local time
Securing your business, achieving a security certification for your company, or answering a security questionnaire should not be cumbersome and painful exercises.
A certified senior Governance, Risk, and Compliance consultant and a virtual CISO, specialized in consulting for the implementation and operation of security frameworks CMMC, ISO 27001, PCI-DSS, SOC2, IEC 62443, NCA, and NIST CSF with a proven record of successful certification projects, as well as solid experience and expertise in data privacy laws (GDPR, HIPAA, CCPA).
I am fluent in English (graduate of an American university) and Arabic.
Some facts to support your decision:
✅ Constant Top-Rated status
✅ Many completed projects
✅ Supporting all time zones (USA, Europe, Middle East, Australia)
✅ Long-term engagements
✅ 17 years of experience
✅ Professional certifications (ISO 27001:2013 Lead Implementer, ISO 27005 Risk Manager, as well as CISSP, CISA, PMP, ITILv3, and DPO)
Some of the services I offer:
✅ Information security management strategy, assessments, action plan,
✅ Participating in calls during client or vendor engagements, representing the company's Security team,
✅ Security framework implementation and certification readiness (ISO 27001, SOC 2, NIST CSF, PCI-DSS)
✅ Industrial Cyber Security standards audit and assessment and readiness (IEC 62443)
✅ Data privacy assessments and readiness (GDPR, ISO 27701, CCPA)
✅ Part-time DPO
✅ Risk assessment, management, treatment plan, remediation tracking
✅ Answering and filling security assessment questionnaires
✅ Information security policy and procedure creation/update/review
✅ Cyber Security plans and roadmaps
✅ Unique, company-specific tasks
✅ Internal IT and Cyber Security audit, gap assessments
✅ Filling security and compliance questionnaires
✅ Consulting
Thank you for checking my profile!
Ps: Silicon Valley and US-based references are available upon request.
Steps for completing your project
After purchasing the project, send requirements so Mohammad can start the project.
Delivery time starts when Mohammad receives requirements from you.
Mohammad works on your project following the steps below.
Revisions may occur after the delivery date.
Planning and reconnaisance
It is the stage where information and data on your target are gathered to exploit the cyber-attack.
Scanning and footprinting
This stage scans the vulnerabilities. It can be either static or dynamic scanning.