Frequently asked questions

Yes, Strike’s pentesting is a part of Red Team assessments.

Yes, and there are many ways to do that.

First of all, you can use Strike's platform as part of your workflow: you will find a Kanban board to follow vulnerabilities by status. Strike's platform is encrypted, so it's the best place to centralize any workflow.

On the other hand, you will be able to integrate Strike with your Jira board with native integration. Also, you can use Strike's public API to connect it with your custom workflow.

Strike's Pentesting can be performed for many types of systems:

• Web-app Testing: Ability to uncover critical vulnerabilities in an average of 6 hours.
• Mobile App Testing: Both on Android and iOS, and even if they have geographic restrictions.
• API Testing: Strikers capable of discovering highly creative vulnerabilities - with or without documentation - in any API.
• Cloud Testing: Strikers specialized in all web service providers such as AWS, Azure, and Google Cloud.
• Infrastructure Testing: Work with ethical hackers specialized in any on-premise infrastructure.
• Internal Testing: At specific locations, we have ethical hackers capable of testing your internal infrastructure.

Pentests are processes that happen during a certain period and cover the biggest amount of scope possible. This means that the more vulnerabilities are exploited, the better. On the other hand, Bug Bounty is about exploiting one vulnerability more deeply. As a consequence, while Strike’s Pentesting covers a bigger surface in a wider way, in Bug Bounty there’s a smaller surface but a deeper process.

With Strike's self-service platform, you can act on your vulnerabilities as soon as they are reported and seamlessly modify the scope of your pentest on the fly. These are the main features of the product:

• Easily access the Dashboard, where you can get an overview of all your vulnerabilities in one place.
• Receive clear actionables for each found vulnerability, along with suggestions on how to resolve them.
• An automatically generated PDF report is available for download as many times as you need, and it will always be up-to-date.
• Conduct a retest of the reported vulnerabilities; we provide support for mitigating them.
• Integrate the process with Jira and Slack to have visibility during testing.

Multiple aspects differentiate Strike's pentesting from the traditional approach.

Firstly, Strike collaborates with the world’s top ethical hackers. You will always be assigned a specialist hacker in your technologies, ensuring an exceptional level of hacking proficiency.

Additionally, we have developed an innovative platform that provides absolute visibility into the penetration testing exercise. You can access the work log of the ethical hacker and receive real-time notifications of the vulnerabilities discovered.

Moreover, we serve as your strategic partner. Our Customer Service is ready to assist you at all times, and our strategy team will help you outline the initial objectives of the penetration test while providing weekly recommendations.

First, Strike will connect your company with the Strikers that match your needs, as well as language and time zone if that is important in your case. Later on, they will start the pentest and look for potential vulnerabilities immediately. Once that’s done, you’ll be able to see all of your vulnerabilities found in Strike's Platform. Strikers will also suggest ways to fix their findings.

Strike collaborates with the world's top ethical hackers, the Strikers. You will always be assigned the specialist hacker in your technologies to uncover and report the vulnerabilities that truly matter to you in real-time.

Our team of experts is fully prepared to conduct various types of pentests to ensure your cybersecurity is as strong as it can be. These types of pentests include: Web-app, Mobile-app, API, Cloud, Internal, and Infrastructure.

And if you want to modify the scope on the fly, you don't have to worry. You can do it as many times as you want, with full transparency during the process.

Pentesting is the short term for penetration testing, which consists of a series of standardized attack simulations to discover vulnerabilities of any given system. Those are part of the common practices regarding offensive security.

In this process, a cybersecurity expert will test the system in creative and counterintuitive ways.

Then, they will find vulnerabilities and report them.This will help your company tremendously, because you’ll be able to fix them right away and prevent potential cyberattacks.

While you’re doing your pentest, you can chat with Strikers anytime using Slack. There will be an open chat where you can ask them your questions and discuss with them the vulnerabilities that were found. Also, you will be able, to have weekly follow-ups and support meetings.

Yes, they do. Every Striker is certified and uses standard international pentesting methodologies, such as OWASP Top 10, OSSTMM, ISO 27000, and many others.

Strikers are assigned 24 hours after the pentest is created. This assignment is not random: Striker’s skills will adjust to your cybersecurity needs, technology, company size, industry, and even region and language if that’s important in your case.

Strikers are from all parts of the world and work in a decentralized way.

All of our Strikers are chosen throughout a sophisticated onboarding process. Since Strike aims for the top 1% of ethical hackers in the world, the team makes sure they have important certifications and their work is top tier. Background checks and continuous validations are done consistently for every Striker to ensure that their work is excellent.

Strikers are part of Strike's global community of Ethical Hackers. They are certified with worldwide recognitions and certifications such as OSCP, OSWE, OSCE, or CREST. Strikers work from all over the world in a decentralized way, so there will always be one that matches perfectly with your pentesting needs.