I'm on the hunt for reputable penetration testing firms based in Australia or New Zealand. We've dedicated the last 18 months to enhancing our security, particularly with Fortinet and endpoint protections, and now we need to identify any vulnerabilities that might still exist in our system. If you've worked with any reliable vendors for an annual external pen test, I'd love to hear your recommendations!
4 Answers
I’ve worked with several firms, and MercuryISS was solid a few years back. Most recently, we engaged with Blacklock.io for their continuous pen testing service, which offers monthly assessments. That said, I feel like I could manage some of the scanning myself; it mostly adds a user-friendly interface and reporting.
We've been using volkis.com.au for our penetration testing needs, and I can vouch for their physical pen testing as well!
I had a good experience with ES2 in the past, but they’ve been acquired recently, so I can’t speak to their current quality.
Cythera has provided great service for us. Their reports are very detailed, and they handle external, internal, and WiFi pen testing efficiently.
That's interesting! Do you think it’s worth it to go for the PTaaS model?