The definition of PTaaS
PTaaS – To continuously attack infrastructure, computer systems, and applications to find security weaknesses and potentially gain access to its functionality and data.
Here at TrollEye Security, we’ve developed our PTaaS to eliminate the limitations of an annual penetration test. Annual testing provides only a snapshot-in-time view of the organization’s security posture. Unlike a standard penetration test, PTaaS is a continuous security test for both applications and infrastructure.
Our PTaaS is an integrated Penetration Testing service. An integrated Penetration Test incorporates integrating Command Center with cloud providers, network infrastructure devices, endpoint protection systems, and software repositories. There are endless amounts of information correlated with your IT systems and incorporating this information into a Penetration Test is priceless.
The Process:
The process is simple, you continue to build and manage applications and infrastructure while our on-site or cloud integration servers and scanners continuously search your systems and applications for vulnerabilities, modifications, and changes.
As we find vulnerabilities, our team of expert Penetration Testers analyzes and exploits these vulnerabilities in a controlled manner. As soon as a Penetration Tester opens a finding, you are immediately notified via your preferred communication channel.
In Command Center, you have the option to request a re-test or accept the risk. Providing a full audit trail.
Benefits of PTaaS:
Integrating with your cloud providers and on-premise infrastructure allows us to cross-correlate network address translations, virtual IPs, and other important information related to the vulnerable systems.
Providing you a single pane of glass for infrastructure and application vulnerabilities, on-premise and cloud.
Monitoring your software repositories and integrating with your CI/CD pipeline tools allows us to run and analyze Static and Dynamic (SAST/DAST) Application Security Testing every time you deploy code.
Current Integrations Include:
- GitLab, Bitbucket, and Github
- AWS
- Palo Alto Networks
- Cisco IOS/IOS XE/ASAOS/NX-OS
- Cisco AMP
- SentinelOne
