FAQ
Frequently Asked Questions
Everything engineering teams typically ask before booking an engagement.
Methodology
How is this different from a vulnerability scanner?
Scanners produce candidate findings — we manually exploit and validate every one before it reaches your report. You get zero false positives and proof-of-concept evidence for every issue.
Do you do destructive testing?
No. Engagements are demonstration-only. We prove impact with the smallest possible proof of concept and never disrupt production data, users, or services.
What standards do you align with?
PTES (Penetration Testing Execution Standard), OWASP WSTG, OWASP ASVS, OWASP API Security Top 10, OWASP LLM Top 10, and CVSS v3.1 for scoring.
Do you use AI or humans?
Both. AI agents orchestrate the offensive toolchain (nmap, nuclei, ffuf, sqlmap, sslscan, amass, httpx) in parallel. Human testers validate every candidate finding, build the exploit chains, and write the report.
Reporting
Will the report be accepted by our auditors and customers?
Yes. Reports follow the structure expected for SOC 2, ISO 27001, and customer security questionnaires: scope, methodology, CVSS-scored findings, attack narrative, and remediation roadmap.
What does the report look like?
A formal External Penetration Test Report with executive summary, per-finding details (CVSS vector, reproduction steps, business impact, remediation), attack narrative, and evidence index.
Can I see a sample report?
Yes — a redacted sample External Penetration Test Report is available on request under NDA.
Engagement
How do you scope an engagement?
A 15-minute scoping call covers in-scope assets, allowed techniques, testing window, and emergency contacts. We send a written authorisation document for sign-off before testing begins.
Can you re-test after we fix the findings?
Yes. Every engagement includes free re-tests of remediated findings within 90 days.
How long does an engagement take?
Essential engagements turn around in 5 business days, Professional engagements in 3. Enterprise timelines are agreed during scoping.
What do you need from us?
Signed authorisation, scope document, and a technical contact. For greybox or whitebox testing, we also need credentials and optionally source code access.
Logistics
Are you based in Australia?
Yes — based in Melbourne, Australia, operating under Australian privacy law. We work with clients globally.
Do you sign NDAs?
Yes. Mutual NDAs are signed before scoping for any engagement where required.
How do you handle data we share with you?
All engagement data is encrypted at rest and in transit, stored in per-client isolated workspaces, and deleted 90 days after engagement close (or sooner on request).