About us

We are a small team with individual approach to each Client offering highly qualified penetration testing services for affordable and competitive prices.

If you are looking for not just an automated scanning of your network / WEB application, then we are he ones you are looking for.  We provide  a broad range of automated penetration testing tools and manual testing to make sure that the Testing Target is protected against all variety of cyber attacks. We believe that automated scanners are great in finding known vulnerabilities in networks / web applications, such as vulnerability scanners or tools for automating the attacks in user input fields in web applications; however there is no automated tool developed which could be replaced with a good penetration tester with a proxy and human logical thinking when it comes to finding security issues in WEB applications, and also there is a plenty of manual testing to be undertaken in network security testing when results of vulnerability scanning are obtained. 

In our penetration testing, CyberAudit uses more platforms builds, such as KALI Linux, which then are improved with other tools, such as OWASP ZAP, Nessus, Ming, Hyperion, Veil-Evasion, Ettercap, and proxies, such as Burp Suite, to provide maximum attack opportunities for both network and WEB application penetration.  

Our methodology, used in penetration testing, is largely based on our successful previous experience and industry accepted penetration testing approaches, standards and guidelines from the world’s leading associations and organizations, such as OWASP, EC-COUNCIL, PCI DSS, ISACA, ISO 27001 and others.

All our performed penetration testing is undertaken by a highly qualified and experienced Certified Penetration Tester (Managing Director) only. This means that the testing results (incl. obtained technical information during testing and identified weaknesses) are known only by one individual (Managing Director). Whilst a lot of penetration testing companies do not disclose the penetration tester name and just confirm that their staff are vetted to not employ ex-criminals, we are happy to announce the name of our penetration tester. You are welcomed to do a background checks, credit checks and any other checks at your desire of our penetration tester (Managing Director) to confirm that Raivis is absolutely clear and have never been involved in any criminal activity.

We do not retain the penetration testing results for more than two months after submitting them to your organization as other Penetration Testing companies usually do. We believe that the above mentioned allows our Clients to be confident that the risks over confidentiality of information disclosed and testing results by a third party are maximally mitigated. To keep the confidentiality of our Clients and not creating a risk where potential attackers might be challenged to attack our Clients’ network / applications, we never disclose our Clients’ names in public.

We are flexible and understand that penetration testing can provide noise and can use some of Organization’s bandwidth; hence we offer to undertake penetration testing at any times preferred by the Organization, such as out of working hours, at the night time, on weekends etc.

Organizations sometimes rely on the same Penetration Tester for several years and, if penetration testers do not changed, it might result that the approach of the testing might not identify all potential risks and weaknesses for the network and / or WEB applications. Therefore, we encourage you to consider changing Penetration Tester every couple of years.

 If you are looking for:

  • Professional Penetration testing to identify potential weaknesses and vulnerabilities which might be exploited in cyber attacks against your network and / or WEB application;
  • Do not want to spend huge resources for it (penetration testing for low prices or penetration testing at a low cost); and
  • Want to maintain absolute confidentiality of technical information disclosed and results identified; then

Cyber Audit is the right decision as we offer all the above mentioned and we will make sure that you would not be disappointed.

Paraksts

 

 

 Managing Director, CISA, CEHv8

Certified Information Systems Auditor (CISA) and Certified Ethical Hacker v8 (CEH):

CEH_logo CISA logo

 

  • The American National Standards Institute (ANSI) has accredited the CEH certification program and the CISA certification program under ISO/IEC 17024:2003.
  • The CEH certification Compliance to National Initiative For Cybersecurity Education (NICE). The new CEHv8 completely map to National Initiative for Cybersecurity Education (NICE) framework – NICE’s speciality area category ‘Protect and Defend’.
  • CNSS 4013 Recognition. The CEHv8 Recognition by National Security Agency (NSA) and the Committee on National Security Systems (CNSS) Standard based required training for network security professionals.