Penetration Testing

Know Your Areas of Weakness

Improve the cyber resilience of your systems, networks, and applications through worldclass pen testing.

Reflare’s strategic alliance with Dot.Bit delivers cost-effective penetration testing for your technologies and teams. Our integrated training and audit offering helps you achieve your security requirements.

How Do We Help?

We are here to help you test your environment, identify the vulnerabilities before everybody else does and make sure you stay protected in this manner.

The value of penetration testing;

  • Practical rather than theoretic security testing,
  • Very close to what real attackers would do,
  • Finds vulnerabilities that developers and administrators did not consider,
  • Finds vulnerabilities that exist between components, and
  • Serve as a drill for a real cyber-attack.

The exact scope and risk level of a penetration test needs to be adjusted on a case-by-case basis. Some companies wish to only be exposed to a light attack with plenty of safeguards in place. Others wish to experience the same brunt that a real attacker brings to the table. Both approaches have benefits and drawbacks and our team will gladly walk you through the discovery process to find what is right for you.

At the end of a penetration test you are provided with a test report listing steps taken and issues found. Your IT team can use it to improve your overall security and make sure that criminals can no longer exploit the same vulnerabilities.

Overall, penetration testing is one of the most cost-effective and thorough measures you can take to improve the security of your organisation. Pen testing is at it most effective when complimented with vulnerability assessments.

User Testing

A key part of penetration testing is to continuously test and train the technical users who operate your networks and systems. Reflare’s Certified Secure (RCS) user training programs ensure your training requirements are implemented with ease.

RCSD Curriculum

(Reflare Certified Secure Developer)

  • Upload Icon

    Runs in the cloud

    All of the lessons and challenges run entirely on Amazon's AWS infrastructure. This means we can scale to any number of users and you don't need to install any software.

  • Flag Icon

    User-Centric design

    After every practical video lesson, trainees must complete the demonstrated attack or defence technique in a live VM environment to advance. No final exams, tedious cramming, or multiple-choice questions. Just effective study and real-world experience in writing more secure code.

  • Money Icon

    Per user licensing

    You can buy additional training licences to expand your organisation’s IT security capabilities beyond immediate compliance requirements. No hidden fees or yearly costs for content updates. You decide if, and when you want to retrain specific team members.

  • World Icon

    Anyplace, anytime

    Allow your users to train at a time that suits them. On site, on the road or at home, all that is required is an internet connection in a modern HTML5 browser.

  • Statistics Icon

    Track progress

    Add your trainee, set your completion date, and leave the rest to us. We take care of trainee commencement, tracking and deadline reminders. Your easy-to-use admin interface allows you to track group and individual developers' progress.

RCSD Lessons for Developers - Stage A
Lesson 1: Introduction & How-To
Lesson 2: Input Validation - Cross-Site Scripting (XSS)
Lesson 3: Client Side Input Validation
Lesson 4: Input Validation - SQL Injection (SQLi)
Lesson 5: Input Validation - Command Injection (CMDi)
Lesson 6: Input Validation - File Uploads
Lesson 7: Input Validation - Remote File Inclusion (RFI)
Lesson 8: Forced Browsing
Lesson 9: Directory Traversal
Lesson 10: Authentication
Lesson 11: Session Management
Lesson 12: Authorization
Lesson 13: Sniffing, MITM & SSL
Lesson 14: Open Redirects
Lesson 15: Cross-Site Request Forgery (CSRF)
Lesson 16: Information Leakage
Lesson 17: Browser Security Measures
Lesson 18: Simple Scanner Usage
Lesson 19: Closing Thoughts
RCSD Lessons for Developers - Stage B
Lesson 1: XPath Injection
Lesson 2: Buffer Overflows
Lesson 3: Secure Cryptographic Storage
Lesson 4: Encrypted Databases
Lesson 5: Logging
Lesson 6: Environment Separation
Minimum time commitment to complete RCSD training: 4 hours.

Advantages and Benefits

Our world-class penetration testing compliance solutions aim to keep your systems secure.

Reflare partners with leading organisations such as...

Get Started

Ready to learn more? We are here to help!
Message our team to book a virtual consultation.

Send us a direct message from your email account.
Please include the nature of your inquiry and contact
method you would prefer us to use to respond.

Email Us

To begin the proposal process, simply click below to access our enquiry form,
select your compliance requirements,
and one of our team members will be in touch

Get Started