why
In order to minimize risks of your application vulnerabilities, your software shall be penetration tested on a regular interval. Alice&Bob.Company takes this burden from you, performs tests on the agreed URLs (Websites & APIs) and delivers regular reports with structured results and weighted findings.
what
Alice&Bob.Company offers a managed continuous penetration service. Therefore they combine manual testing with automated penetration test. Manual penetration tests can simulate very sophisticated attack vectors, while automated tests ensure a basic testing, even in case of continuous deployments.
The penetration testing results get valuated and commented by an A&B security expert.
Within this penetration testing we do Dynamic Application Security Testing, focusing on
- Scanning for the OWASP Top 10 vulnerablilities
- Web Application and REST API scanning
- Advanced automated testing of JavaScript applications (Deep Scan)
- Integrate in your pipeline
You will receive
- a meaningful reporting,
- key statistics and
- actionable and commented insights.
how
Alice&Bob.Company provides a flexible and tailored testing setup according to initial definitions.
We equip you with the Alice&Bob.Company’s standard penetration toolset. This is a best of breed mix of tools and services, according to our experience, i.e.
- Crashtest Security Suite
- Zed Attack Proxy (ZAP)
YOUR BENEFITS
Main advantages of Continuous Penetration Testing with A&B:
- You take care on your product. We take care on identifying vulnerabilities. Continuously.
- We combine automated penetration testing with manual penetration testing
- Sustainably increase your applications and APIs overall security level
other products in 04 continuous improvement
Cloud Security Trainings
Never stop learning! The cloud never stops teaching! In Jan 2021 AWS consists of more than 199 ready to use service. 45+ of those are security related. Let us help to enable and educate you team(s) with an individual training plan over a timeframe of 6 to 24 months.
Cloud Security Posture Management
Keeping visibility and enforced security across public cloud accounts – probably across multiple public cloud vendors with the right tools: facilitate a managed Cloud Security Posture Management (CSPM) service by Alice&Bob.Company.
Managed Container & Serverless Security
Have you heard about Kubernetes Security Posture Management (KSPM)? Keep a clear view on your Cloud and Serverless Security with A&B’s Managed Container & Serverless Security.
Managed Perimeter Protection
Protect your publicly accessible websites, e-commerce platforms, IoT-, IIoTT-applications and other dynamic web application against abuse of bugs, vulnerabilities and Distributed Denial of Service (DDoS) attacks. The team of A&B and AWS give you a peaceful sleep.
CI/CD Pipeline improvement
Pimp your existing CI/CD pipeline to the next level! Alice&Bob.Company continuously monitors and improves your current CI/CD pipelines.
We continuously integrate automated and scalable Cloud Security into your software development lifecycle.
Security Champions Program
Security Chaos Engineering Program
Transfer the disruptive operational method of chaos engineering, developed initially by Netflix, to cloud security. We accompany your team(s) over the course of 12 month to establish the concepts and culture of Security Chaos Engineering (SCE).
Custom Tailored Managed Service
Is there anything you need, but we haven’t covered. We are always curious and eager to learn about your requirements. And maybe, we develop a new Cloud Security Managed Service together