About us

We are a small team with individual approach to each Client offering highly qualified penetration testing services for affordable and competitive prices.

Our Clients are public and commercial organizations all over the world, especially in Europe region, such as United Kingdom, Germany, Spain, France, Italy, Portugal, Switzerland, Poland, Sweden, Netherlands, Denmark, Latvia, Estonia and Malta. We never disclose our Clients’ names in public to keep the confidentiality of our Clients and not creating a risk where potential attackers might be challenged to attack our Clients’ network / applications.

Our Penetration Testers have obtained certifications such as Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Payment Card Industry Professional (PCIP), AWS Certified Cloud Practitioner and AWS Certified Security Specialist, and have obtained experience in IT security consultancy companies such as Deloitte and PWC. 

If you are looking for not just an automated scanning of your network / WEB application, then we are the one you are looking for.  We use a broad range of automated penetration testing tools and manual testing to make sure that the Testing Target is protected against all variety of cyber attacks. We believe that automated scanners are great in finding known vulnerabilities in networks / web applications; however there is no automated tool developed which could be replaced with a good penetration tester with a proxy and human logical thinking when it comes to finding security issues in WEB applications, and also there is a plenty of manual testing to be undertaken in network security testing when results of vulnerability scanning are obtained. Our methodology, used in penetration testing, is largely based on our successful previous experience and industry accepted penetration testing approaches, standards and guidelines from the world’s leading associations and organizations, such as OWASP, EC-COUNCIL, PCI DSS, ISACA, ISO etc. 

All our performed penetration testing is undertaken by a highly qualified and experienced penetration tester (Managing Director) only. This means that the testing results (incl. obtained technical information during testing and identified weaknesses) are known only by one individual (Managing Director). Whilst a lot of penetration testing companies do not disclose their penetration testers’ names and just confirm that their staff are vetted to not employ ex-criminals, we are happy to announce the name of our penetration tester. You are welcomed to do a background checks and any other checks at your desire of our penetration tester (Managing Director) to confirm that Raivis is absolutely clear and have never been involved in any criminal activity.

We do not retain the penetration testing results for more than two months after Report distribution. We believe that this allows our Clients to be confident that the risks over information disclosure by any unauthorized party is maximally mitigated.

We are flexible and understand that penetration testing can provide noise and can use some of Organization’s bandwidth; hence we offer to undertake penetration testing at any times preferred by the Organization, such as out of working hours, at the night time, on weekends etc.

Organizations sometimes rely on the same Penetration Tester for several years and, if penetration testers do not changed, it might result that the approach of the testing might not identify all potential risks and weaknesses for the network and / or WEB applications. Therefore, we encourage you to consider changing Penetration Tester every couple of years.

 If you are looking for:

  • Professional Penetration testing to identify potential weaknesses and vulnerabilities which might be exploited in cyber attacks against your network and / or WEB application;
  • Do not want to spend huge resources for it (penetration testing for low prices or penetration testing at a low cost); and
  • Want to maintain absolute confidentiality of technical information disclosed and results identified; then

Cyber Audit is the right decision as we offer all the above mentioned and we will make sure that you would not be disappointed.

CEH_logo  PCI DSSCISA logo