top of page
8cf635_85c47d3efc984062ae493e15239e682e~mv2.jpg

Frequently Asked Questions

  • How do your penetration tests differ from others?
    At McCormack Cyber Solutions, we pride ourselves on providing the highest quality of results in all work we perform. One complaint we have heard from clients and seen as recipients of pentests during our career is a lack of actionable results. Whether this is from a misaligned scope, minimal reproduction or remediation guidance, or a lack of understanding what you are doing well to focus your efforts where it counts the most. As such, we start at the initial stages of planning your engagements to ensure appropriately scoped work is quoted. At MCS you will not be blindsided with upcharges, or left with an incomplete assessment. Furthermore, all of our penetration testing reports include not just our findings with detailed steps to reproduce, as well as remediation guidance and resources to help your teams fix issues. They also include notes about positive observations, and an assessment summary which covers things such as attempts to exploit issues which were observably prevented. Lastly, our relationship does not end at report delivery. We are here for you if you have questions, or need a retest. Every penetration test comes with 1 retest free within 90 days of the original test so you can validate the fixes you have put into place. Ready to discuss how we can help you? Leave you info in chat here, or fill out our contact form.
  • What is the difference between Vuln Management, Vuln Assessment, and Penetration Testing?
    This could be a long discussion on its own, and these links will direct you to our detailed pages on the services. In summary: - Vuln Assessment is a singular point in time assessment that helps identify as many vulnerabilities as possible, usually unauthenticated, through the use of automated tooling. - Vuln Management is a process of recurring vuln assessments (generally monthly) where administrative credentials are provided to gain the best coverage of missing patches and misconfigurations. - Penetration Testing is a method of using automated and manual assessment techniques to identify vulnerabilities beyond what a typical vulnerability assessment or tool can handle by itself. For example, looking for logical flaws in a business' web application. Ready to discuss how we can help you? Leave you info in chat here, or fill out our contact form.
  • What is included in a vulnerability management program?
    A basic vulnerability management program created for startups and small businesses includes: - Monthly vulnerability scanning for 1 year with Tenable Vulnerability Management the leader in vulnerability management tools of up to 100 unique IP addresses. - Access to remediation guidance from our experts anytime during the program term. - Access to real time dashboards and customized reporting to guide your team in tackling the most impactful risks quickly. - 1 penetration test during the annual term of up to 3 days for a network or application. - 1 cloud security configuration review during the annual term of up to 3 days for an AWS, GCP, or Azure cloud environment. - 10% discount during the annual term on all other penetration testing or vulnerability assessment services purchased. This is the starter package, and organizations requiring other sizing should reach out for a specific quote. Ready to discuss how we can help you? Leave you info in chat here, or fill out our contact form.
  • What is the difference between Vuln Management, Vuln Assessment, and Penetration Testing?
    In summary: - Vuln Assessment is a singular point in time assessment that helps identify as many vulnerabilities as possible, usually unauthenticated, through the use of automated tooling. - Vuln Management is a process of recurring vuln assessments (generally monthly) where administrative credentials are provided to gain the best coverage of missing patches and misconfigurations. - Penetration Testing is a method of using automated and manual assessment techniques to identify vulnerabilities beyond what a typical vulnerability assessment or tool can handle by itself. For example, looking for logical flaws in a business' web application.
  • What is included in a vulnerability management program?
    A basic vulnerability management program created for startups and small businesses includes: - Monthly vulnerability scanning for 1 year with Tenable Vulnerability Management the leader in vulnerability management tools of up to 100 unique IP addresses. - Access to remediation guidance from our experts anytime during the program term. - Access to real time dashboards and customized reporting to guide your team in tackling the most impactful risks quickly. - 1 penetration test during the annual term of up to 3 days for a network or application. - 1 cloud security configuration review during the annual term of up to 3 days for an AWS, GCP, or Azure cloud environment. - 10% discount during the annual term on all other penetration testing or vulnerability assessment services purchased. This is the starter package, and organizations requiring other sizing should reach out for a specific quote.
  • How do your penetration tests differ from others?
    At McCormack Cyber Solutions, we pride ourselves on providing the highest quality of results in all work we perform. One complaint we have heard from clients and seen as recipients of pentests during our career is a lack of actionable results. Whether this is from a misaligned scope, minimal reproduction or remediation guidance, or a lack of understanding what you are doing well to focus your efforts where it counts the most. As such, we start at the initial stages of planning your engagements to ensure appropriately scoped work is quoted. At MCS you will not be blindsided with upcharges, or left with an incomplete assessment. Furthermore, all of our penetration testing reports include not just our findings with detailed steps to reproduce, as well as remediation guidance and resources to help your teams fix issues. They also include notes about positive observations, and an assessment summary which covers things such as attempts to exploit issues which were observably prevented. Lastly, our relationship does not end at report delivery. We are here for you if you have questions, or need a retest. Every penetration test comes with 1 retest free within 90 days of the original test so you can validate the fixes you have put into place.
bottom of page