Get in Touch
Have a question for the team? Feel free to give us a call or send us an email.
Alternatively, check out the FAQ below as you might find the answer there.
Frequently Asked Questions
Got a question you need answering? Hopefully our FAQs should help guide you
Do I need a penetration test?
A penetration test is the best way to know for sure if your organisation is an easy target for hackers. The test will show you both how strong your cyber defences are, but what the potential outcomes of a breach could be.
How often should my organisation perform a penetration test?
A pentest should be undertaken at least once a year, with additional tests performed after any major changes, upgrades or software patches.
How can I be sure my test is cost effective?
OnSecurity works in hours, not days, so you get a quote based on the actual time your test will take, without any padding or rounding up to the nearest day. Plus, we report as we go - so no waiting around while a tester spends days writing up a report before you can action any findings.
What’s the difference between vulnerability scanning and pentesting?
A vulnerability scan is done using an automated tool to sweep your systems for known vulnerabilities. Penetration testing is a highly skilled, manual process in which a tester finds and attempts to exploit a vulnerability.
What is Radar and why is it useful?
Radar, our threat and attack intelligence tool, gathers info from across the Internet and dark web to scope out how exposed your organisation is to a potential attack.
Do I need a security team to use Radar?
No! Radar is designed to be user friendly and requires very little technical knowledge. Each module has a handy help guide explaining what the findings are and what they mean for your security.
How does Scan work?
Scan carries out over 40,000 checks for missing patches, security misconfigurations, default passwords, dangerous services or otherwise potentially harmful security vulnerabilities in your configured targets.
Which parts of my infrastructure do you scan?
Scan monitors your external (internet facing) assets - This includes web applications and web servers. If you don’t know what your assets include, we can identify them for you using OSINT (Open Source Intelligence) gathering.
How does scanning for vulnerabilities help me avoid being targeted by cybercriminals?
Bad actors are constantly mass-scanning the Internet for vulnerabilities, using their own scanning tools. Scanning your internet facing assets regularly helps you identify and fix your vulnerabilities before an attacker has a chance to exploit them.
What if I need to cancel or reschedule a test?
No problem! We know that things don’t always go to plan, so we don’t charge you any fees to cancel or reschedule a test.