FAQs

Did you know that Security Testing is one of the most important activities in the process of Information Security Management?
Back to top

Subscription

How do I subscribe to your service?

You can subscribe online through our website: here

Who can subscribe to your service?

Any company around the globe. The person should be able to prove is ability to represent the company.

What are the minimum requirements to hire your service?

Internet connectivity is the only requirement needed to perform the testing of Web Application and Infrastructures.

Can I upgrade my subscribed service?

Yes, KEEP-IT-SECURE-24 is a monthly payment subscription. You can upgrade your subscribed service at any time, however it will be effective only from the 1st day of the next month.

If I stop paying will I loose all the information on KeepITSecure24?

No. You will be given 3 months to export your data. After that we reserve the right to purge your data from our systems.

Do I need to have previous experience in Information Security to hire your service?

No. However you should be able to understand your company’s objectives related to Information Security and know the skills and expertise of your IT personnel, so that you can effectively escalate and solve identified vulnerabilities.

Back to top

Model

What makes your service better than others available online? What are the main differences?

There is a great difference between our service and other online services, ranging from our service delivery model to our reporting model. We offer a continuous and persistent service combined with the knowledge of our experts and our professional certifications.You can view a summary of the main differences here

What are the features of your Web Management Platform?

Our platform allows clients to manage and monitor vulnerabilities and associated metrics, as well as, extract reports and provide us feedback regarding the Change Management Process so that we can perform specific tests. Check in detail the features of our platform

Why do you say your service is Innovative?

It’s an innovative service because it addresses several constraints that Traditional Pen-Testing Models have, while keeping the balance in terms of costs, and improving the efficiency and effectiveness of the Pen-Testing process. The major features of our service model, which make it unique and innovative worldwide are the persistence of the service being delivered by professionals who aren't limited to vulnerability scanning and our reporting and management interface. KEEP-IT-SECURE-24 provides testing in a continuous and persistent way to our customers through a Team of Professional Pen-Testers.More detail about our innovative model

Back to top

Testing

How do you know what to test?

Through our platform you will be able to let us know if you have any priorities regarding the tests. If you don't want to plan or you are unable to provide guidance, our experts will establish a test plan.

Will your tests cause adverse impact on our systems and services?

We will take all the precautions so that our tests don't have any adverse impact on your systems and services. In the unforeseen event we detect any unintentional disruption we will immediately get in touch and let you know about the incident.

How do I know I have new vulnerabilities?

We will inform you by email about any vulnerability we publish to your account. You will have the full details of the vulnerability after you securely login into the Web Management Platform.

Can I talk to the testers to solve any vulnerability?

Yes. Through our Web Management Platform you can communicate with our team of testers regarding any given vulnerability and receive feedback from them. See the features of our platform in detail

Back to top

HackUnits

What are HackUnits

We account for our Pen-Testing Activities through the use of HackUnits, in a way that allows our clients to keep track of our effort to detect vulnerabilities. The recommended (monthly minimum) number of HackUnits and how many HackUnits are reported per activity is listed on our plans.

What if I want your team to solve my vulnerability

The effort to solve your vulnerabilities is not included in the service, only the identification and the recommendations on how to solve it. If you want us to provide a quote for a resolution, just send an email to your account manager with the vulnerability ID. Our expert consultants will get back to you with a quote.

Back to top

Integration

I don't have a formal Change Management process, can I still have my vulnerabilities retested?

Yes. It is as easy as drag&drop an object in our Web Management Platform. Request a demo to have a look of how easy it is to request a test.

Do you provide an API for integration of your platform with our existing environment?

For the moment this is not available.

Back to top

Security

Will my data be safe?

The service is provided by INTEGRITY, an ISO 27001 Certified Company. We take the protection of our customer data very seriously, and that's the scope of our Certification.

What kind of activities do you execute during your Testing Process?

During the Penetration Testing Process, our team acts as potential attackers and use multiple techniques in order to try to identify vulnerabilities in your infrastructure, applications and services. Have a more detailed look on our Testing Process.

What tools do you use for performing the service?

Our team has a set of commercial and public tools that we use for performing our testing process. Many of these tools are the same that attackers use on their day-to-day basis. These tools help us execute our technical activities in a much more effective way.

Back to top

Our team & Clients

What certifications does your team hold?

Our consultants hold several academic degrees and professional certifications, from which we emphasize: MSc. in Information Security (Royal Holloway), Post Graduate in Information Security (Royal Holloway), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (CISSP-ISSMP), Certified Information Systems Auditor (CISA), ISO 27001 Lead Auditor and ITILv3 Certification.

How much experience does your team have?

Our team is composed of several elements with different experience levels. All our Expert Consultants have at least 10 years of experience, on providing information security auditing services to large and medium sized companies.

What customer references do you have?

We perform services for a considerable number of large and medium size corporations. Because of privacy issues and for the protection of our clients, we opt for not revealing their names on our webpage. We will be delighted to share their names and some projects in detail during a meeting. Schedule an On-line meeting with us to discuss any issues regarding our services and references by filling in this form

Back to top

Reporting

What kind of metrics and reports can I extract from the Platform?

There are two main sources of data on our Web Management Platform. The first is the dashboard, which includes information like the number of open vulnerabilities, risk factors, most critical vulnerabilities, number of vulnerable assets, etc. The second is the reporting capability that will allow you to generate reports based on a time range, assets or vulnerabilities, as well schedule and define the distribution list for each type of report.

Can I Customize my reports?

Yes. Apart from being able to define the filters for the reports, you can also customize the headers, upload your company logo, and define the level of detail that you want to see in your report.

Back to top

User & Account Management

How do I reset my Password for the Web Management Platform?

Your account administrator can at any time issue a temporary access token that is sent by email. This will allow you to enter the platform and change your password. You can also use the self help on your login page “Can’t access your account?” Click on this link and enter your registered email address.

How many additional users can I configure in the Web Management Platform?

It depends on the service model you have subscribed to. You can check the number of users permitted in each model here.

Can I use your Web Management Platform to escalate vulnerabilities inside my organization?

Yes. This is one of the main purposes of our Platform. Customers can create sub-users within their organizations who can manage assets, deal with associated vulnerabilities, extract reports and obtain online metrics.

Still got a question? Please contact us

You can also request a DEMO or a Web Meeting