MeVitae is a company that provides innovative solutions for talent management and recruitment, using artificial intelligence and machine learning. Their products aim to eliminate bias in the hiring process and improve diversity and inclusion in the workplace.
They came to OnSecurity early in 2023 looking to repeat their yearly web application penetration test.
Can you give us a general overview of your experience with OnSecurity?
The whole experience was very straightforward - streamlined and with everything completed on time. Communication with the team and the testers was swift and smooth.
We really enjoyed working with OnSecurity as they are a company similar to us, they were responsive and aligned with how our business works. We didn’t have to wait for things we wanted to action quickly.
How was the onboarding process with OnSecurity?
One of the main reasons we chose OnSecurity in the first place was the online quoting engine on their website. It was easy to get an accurate quote in real time due to our application being straightforward, plus it’s an annual test for us so we were happy to not have to go through a lengthy scoping process.
We were reassured by the transparency of the billing and the quoting engine as often it takes a long time to get to that stage with pentesting.
We filled out a quote and immediately were able to access this in the portal. From here everything we needed was easy to find and we were able to speak directly to the testers. For our next test, we plan on activating the X integration to push the notifications directly to our workflows.
How did OnSecurity perform Vs other vendors?
The ability to be able to receive information and action things in real time was really valuable to us. Our previous pentest partner didn’t have a portal, so being able to download a report instantly was much more straightforward.
Being notified as soon as findings were published meant our team could get to work on that immediately rather than having to wait until after the final report was published. The free retesting period was really important for us in this regard: it’s something they could easily charge for and makes such a difference for an organisation like ours with limited budgets.
From the testing, did you find the outcomes from the findings useful and why?
The language of the findings and recommended actions was useful as an educational tool. Cybersecurity moves very quickly, and we found there had been developments since we ran this test last year. The outcomes were ideal for us to take and run with, and we were able to get our findings remediated quickly and our report updated to reflect that the issues had been fixed.
Would you use OnSecurity again?
Yes, definitely! Using OnSecurity was a completely different experience from our previous pentest providers and really useful for us as we’re working towards our ISO 27001 certification.
Overall, MeVitae had a positive experience working with OnSecurity for their annual penetration testing. The online quoting engine, easy-to-use portal, and real-time communication with testers were all highlights of the process. MeVitae also found the findings and recommended actions to be useful educational tools. The free retesting period was particularly appreciated, as it allowed for quick remediation of any issues. Based on this experience, MeVitae would definitely use OnSecurity again in the future.