FREQUENTLY ASKED QUESTIONS
WHAT IS THE PROBLEM WITH 'POINT IN TIME' OR 'AD HOC' SECURITY TESTING?
All businesses want to remain secure. However, many only test their cyber security occasionally or for 'compliance' with frameworks such as PCI-DSS or ISO27001:2013. Ad hoc security tests and audits are only effective at providing a 'snapshot' view of cyber health: the test results become out of date as soon as they are published. This is due to what keeps any successful business competitive - continual technology evolution and change. Combined with the constant risk of new cyber exploits coming from malicious actors across the public internet, this leaves businesses exposed for the majority of the year - the time BETWEEN their usual security tests.
CAN MY BUSINESS BENEFIT FROM COVERTSWARM'S CONTINUOUS OFFENSIVE CYBER SECURITY SERVICE?
Yes. If your business relies upon frequent technology change, modern and continuous software release cycles or is a high-profile target for malicious threats, then continuous offensive cyber security such as that offered by CovertSwarm is the best step to maintaining an effective cyber security posture.
IS COVERTSWARM A PENETRATION TEST OR RED TEAM COMPANY?
Neither. CovertSwarm's service offers a blended approach to cyber research and attack from skilled ethical hackers. By combining the skillset of expert Penetration Testers with the offensive capabilities of Red Teaming at a 'nation-state' level of attack, our team works alongside our clients' technology, security and software teams to provide a unique and highly-tailored offensive security service that continuously detects risk, promotes best practices and educates in-house staff.
WHAT IS THE 'CYBER RISK GAP'?
The time between a business' traditional Penetration Test or Red Teaming engagements, during which business change or new online cyber risks can cause a gap to form between what the business believes its cyber risks to be and the reality of what could be exploited in its estate.
WHAT IS THE ISSUE WITH 'BUG BOUNTY' PROGRAMS?
Bug bounties are a great initiative and can fit well into a wider cyber security control set for highly-mature software engineering and security teams. Inviting constant ethical hacker attention against closed-book production environments or other in-scope targets can sound appealing. However, the highly-variable quality of testing, the risk of unknown members of the public impacting operational stability, and unstructured vulnerability reporting can induce significant workload and 'noise' on in-house teams, which need to perform time-consuming and costly triage before action can be taken (and bounties paid out). CovertSwarm recognises that some extremely talented ethical hackers exist on popular bug bounty platforms; however, ensuring consistent access to them and consistently high quality from the platforms can be time- and resource-consuming and very difficult to achieve.
WHY COVERTSWARM AND NOT TRADITIONAL PENETRATION TESTING, RED TEAMING OR 'CONTINUOUS' PENETRATION TESTING?
WHAT IS PENETRATION TESTING?
Traditional Penetration Testing involves skilled cyber security professionals researching an agreed scope of a business' technology stack for known cyber vulnerabilities. Many use 'off the shelf' vulnerability scanning software in conjunction with human expertise to produce a 'point in time' view of the known risks that are present. A traditional pentest engagement can last from a single day to a number of days depending on the scope - or complexity - of the technology estate being explored. At the end of the exploration a report is usually produced that details the cyber vulnerabilities detected as well as their severity - normally to a 'CVSS' rating.
WHAT IS A 'RED TEAM' OR 'RED TEAMING'?
A Red Team is a group of ethical hackers working together to attempt to exploit cyber vulnerabilities within any given technology target. The target is normally defined by the client, and the Red Team's 'cyber attack' is limited to a small window of time. The purpose of Red Teaming is to test the cyber security detection and response capabilities within the client's business - usually their in-house or outsourced 'Blue Team' or 'Security Operations Centre (SOC)' attempting to detect and defend against the Red Team's simulated cyber attack.