For a French insurance group, our cybersecurity consultants enhance the annual penetration tests by removing obstacles, coordinating communications with partners, and managing test priorities. They also ensure follow-up with executive management and aim to increase the penetration testing team's efficiency by quickly identifying vulnerabilities and managing risks.
IT Team: 5 members.
Technical Environment: Silva, Azure DevOps, C-Cure, Agile Project Management, Software Exploitation (Web applications, Mobile Applications, Infrastructure, Software Applications).
Activity: Annual penetration testing campaign.
The need
- A project manager who will eliminate bottlenecks and ensure throughput is maximized for annual manual penetration tests.
- A project manager who will sell the 'Penetration Testing as a Service' to all product owners at the client's site.
The requirements & constraints
- Increasing communication between test partners and stakeholders.
- Managing budgetary concerns and product catalog to provide tests at reasonable costs.
- Balancing software that needs to be tested before « Go Live », assets that need to be tested according to the organization's security policies, and not impacting product availability for the consumer.
Services rendered
- Working closely with test coordinators to identify bottlenecks in each test.
- Establishing connections with security managers and product owners to identify priorities for assets to be tested.
- Planning tests with test partners.
- Validating reports to manage vulnerabilities and provide comprehensive risk mitigation to the client.
- Reporting to executive management on the progress of the annual testing campaign.
The benefits for the client
- Increasing the throughput of the manual penetration testing team.
- Identifying vulnerabilities in software and infrastructure before deployment on the network and exploitation.
- Optimizing progress reporting, cost management, and vulnerability management.
- Planning tests for assets with a measured response in mind.
