OffensyLab is founded on the belief that cybersecurity can be better, faster and
smarter. We are seeing firsthand the impact of cyberattacks on businesses’
finances, reputation, operations, valuation, and people.
Our mission is to make every organization more secure from threats and
confident in their cyber readiness.
OffensyLab delivers next-generation cloud technology to the pentest
process.
Our platform of Pentest-as-a-Service combines our human expertise and insight
with the convenience of cloud apps and findings-as-tickets.
IGIDER is a SAAS platform that offers access to pentesting talent, and enables more effective collaboration among pentesters, engineers, and developers for quick vulnerability identification and remediation.
Our cloud platform, IGIDER, is a new experience of pentest that enables organizations of all
sizes to manage digital safety.
It organize pentests and deliver pentest reports with tickets, so developers and compliance
officers can remediate right away.
Whether it’s scoping a new engagement, analyzing real-time vulnerability reports,
helping you with fix, or keeping you compliant year-round, IGIDER has you covered.
Schedule pentest in days not in weeks
Communication and collaboration acelerate pentesting cycles through technology integrations and real-time collaboration with pentesters
Reduce the cost of testing by an average of 25%
The Pentest as a Service (PtaaS) model combines data, technology, and talent to resolve security challenges for modern web applications, mobile applications, networks, and APIs. This new approach applies a SaaS security platform to pentesting in order to enhance workflow efficiencies.
The PtaaS life cycle consists of six stages, supported by three core components.
Start off your test right by ensuring proper access and security controls.
Empower collaboration between testers and your team with streamlined workflows.
While the test is running, feed results directly into your DevSecOps ecosystem.
The first step in the Pentest as a Service process is the discovery phase where all parties involved prepare for the engagement. On the customer side, this involves mapping the attack surface areas and creating accounts on the IGIDER platform. The PenOps Team assigns a Igider Core Lead and Domain Experts with skills that match your technology stack. A Slack channel is also created to simplify real-time communication between you and the Pentest Team.
The second step is to strategically plan, scope, and schedule your pentest. This typically involves a 30-minute phone call with the teams. The main purpose of the call is to offer a personal introduction, align on the timeline, and finalize the testing scope.
The third step is where the pentesting will take place. Steps 1 and 2 are necessary to establish a clear scope, identify the target environment, and set up credentials for the test. Now is the time for the experts to analyze the target for vulnerabilities and security flaws that might be exploited if not properly mitigated.
As the Pentest Team conducts testing, the Igider Core Lead ensures depth of coverage and communicates with your security team as needed via the platform and Slack channel. This is also where the true creative power of the Igiger Core comes into play.
Accelerate your remediation with the fourth phase in the lifecycle. This phase is an interactive and on-going process, where individual findings are posted in the platform as they are discovered. Integrations send them directly to developers’ issue trackers, and teams can start patching immediately. At the end of your test, the Igider Core Lead reviews all the findings and produces a final summary report.
The report is not static; it's a living document that is updated as changes are made (see Re-Testing in Phase 5).
When you mark a finding as “Ready for Re-test” on the platform, the Igider Core Lead verifies the fix and updates the final report. Reports are available in different formats suited to various stakeholders, such as executive teams, auditors, and customers.
Once the testing is complete, you have the opportunity to analyze your pentest results more thoroughly to inform and prioritize remediation actions.
At this phase, you benefit from a deep dive into the pentest report with insights comparing your risk profile against others globally, identifying common vulnerabilities to inform development teams, and driving your security program's maturity.
Furthermore, executive teams will be delighted by the ease of use to track and communicate pentest program performance.
