Close
Request your personalized demo
Thank you!
We’ll be in touch with you soon as possible.
In the meantime create your account to start getting value right now. It is free!
Oops! Something went wrong while submitting the form.

Frequently asked questions

About Strike's Solutions

Which are Strike's pentesting plans?
top arrow

Strike offers two different Pentesting plans: Compliance, and Deep Security. You can decide which is the ideal plan for your case based on the following criteria:

  • Compliance:Tailored for companies aiming to achieve international compliance badges such as HIPAA, SOC2, and ISO 27001. It includes automated testing with compliance reports to facilitate the certification process. The reports are ready to download within 24 hours.
  • Premium Pentesting:Ideal for companies that are looking for in-depth testing over all their system. This plan offers a complete security overview all year round through manual pentesting, custom reports, personalized customer service, continuous assistance, the option to retest, and the flexibility to modify the scope of the Pentest on the fly. It is also compatible with Compliance audits.

In addition, there is a Free Trial available, for those companies who want to experience a glimpse of the platform and discover the features that set us apart. The trial does not include manual Pentesting and the download of your compliance report.

What does Strike offer?
top arrow

Strike is the platform that helps companies to make cybersecurity part of their development cycle. To achieve that, it delivers top-notch Pentesting solutions, allowing organizations to identify and address the vulnerabilities that truly matter. It is a flexible platform that adapts perfectly offering two different focus: Manual Pentesting and Automated Testing oriented to Compliance, so every organization can choose the one that is tailored to its needs.

There are two solutions availables: Compliance Plan and Deep Security Plan.

About Strike's Pentesting

Does Strike do Red Team pentesting?
top arrow

Yes, Strike’s pentesting is a part of Red Team assessments.

Can I integrate the results of the pentest into my company's workflow?
top arrow

Yes, and there are many ways to do that.

First of all, you can use Strike's platform as part of your workflow: you will find a Kanban board to follow vulnerabilities by status. Strike's platform is encrypted, so it's the best place to centralize any workflow.

On the other hand, you will be able to integrate Strike with your Jira board with native integration. Also, you can use Strike's public API to connect it with your custom workflow.

What kind of applications can be Pentest targets?
top arrow

Strike's Pentesting can be performed for many types of systems:

  • Web-app Testing: Ability to uncover critical vulnerabilities in an average of 6 hours.
  • Mobile App Testing: Both on Android and iOS, and even if they have geographic restrictions.
  • API Testing: Strikers capable of discovering highly creative vulnerabilities - with or without documentation - in any API.
  • Cloud Testing: Strikers specialized in all web service providers such as AWS, Azure, and Google Cloud.
  • Infrastructure Testing: Work with ethical hackers specialized in any on-premise infrastructure.
  • Internal Testing: At specific locations, we have ethical hackers capable of testing your internal infrastructure.
What’s the difference between Strike’s Pentesting and Bug Bounty?
top arrow

Pentests are processes that happen during a certain period and cover the biggest amount of scope possible. This means that the more vulnerabilities are exploited, the better. On the other hand, Bug Bounty is about exploiting one vulnerability more deeply. As a consequence, while Strike’s Pentesting covers a bigger surface in a wider way, in Bug Bounty there’s a smaller surface but a deeper process.

How does Strike’s innovative self-service platform works?
top arrow

With Strike's self-service platform, you can act on your vulnerabilities as soon as they are reported and seamlessly modify the scope of your pentest on the fly. These are the main features of the product:

  • Easily access the Dashboard, where you can get an overview of all your vulnerabilities in one place.
  • Receive clear actionables for each found vulnerability, along with suggestions on how to resolve them.
  • An automatically generated PDF report is available for download as many times as you need, and it will always be up-to-date.
  • Conduct a retest of the reported vulnerabilities; we provide support for mitigating them.
  • Integrate the process with Jira and Slack to have visibility during testing.
How does Strike's Pentesting differ from traditional pentesting?
top arrow

Multiple aspects differentiate Strike's pentesting from the traditional approach.

Firstly, Strike collaborates with the world’s top ethical hackers. You will always be assigned a specialist hacker in your technologies, ensuring an exceptional level of hacking proficiency.

Additionally, we have developed an innovative platform that provides absolute visibility into the penetration testing exercise. You can access the work log of the ethical hacker and receive real-time notifications of the vulnerabilities discovered.

Moreover, we serve as your strategic partner. Our Customer Service is ready to assist you at all times, and our strategy team will help you outline the initial objectives of the penetration test while providing weekly recommendations.

How is the pentesting process?
top arrow

First, Strike will connect your company with the Strikers that match your needs, as well as language and time zone if that is important in your case. Later on, they will start the pentest and look for potential vulnerabilities immediately. Once that’s done, you’ll be able to see all of your vulnerabilities found in Strike's Platform. Strikers will also suggest ways to fix their findings.

How does Strike’s pentesting work?
top arrow

Strike collaborates with the world's top ethical hackers, the Strikers. You will always be assigned the specialist hacker in your technologies to uncover and report the vulnerabilities that truly matter to you in real-time.

Our team of experts is fully prepared to conduct various types of pentests to ensure your cybersecurity is as strong as it can be. These types of pentests include: Web-app, Mobile-app, API, Cloud, Internal, and Infrastructure.

And if you want to modify the scope on the fly, you don't have to worry. You can do it as many times as you want, with full transparency during the process.

What’s Pentesting?
top arrow

Pentesting is the short term for penetration testing, which consists of a series of standardized attack simulations to discover vulnerabilities of any given system. Those are part of the common practices regarding offensive security.

In this process, a cybersecurity expert will test the system in creative and counterintuitive ways.

Then, they will find vulnerabilities and report them.This will help your company tremendously, because you’ll be able to fix them right away and prevent potential cyberattacks.

About Strikers

How do Strikers communicate with companies doing their pentests?
top arrow

While you’re doing your pentest, you can chat with Strikers anytime using Slack. There will be an open chat where you can ask them your questions and discuss with them the vulnerabilities that were found. Also, you will be able, to have weekly follow-ups and support meetings.

Do Strikers follow certain methodologies during pentests?
top arrow

Yes, they do. Every Striker is certified and uses standard international pentesting methodologies, such as OWASP Top 10, OSSTMM, ISO 27000, and many others.

How is my Striker assigned? Can I choose a specific Striker?
top arrow

Strikers are assigned 24 hours after the pentest is created. This assignment is not random: Striker’s skills will adjust to your cybersecurity needs, technology, company size, industry, and even region and language if that’s important in your case.

From which region do the Strikers work?
top arrow

Strikers are from all parts of the world and work in a decentralized way.

How do you assure that my Striker is top tier and has the right amount of experience?
top arrow

All of our Strikers are chosen throughout a sophisticated onboarding process. Since Strike aims for the top 1% of ethical hackers in the world, the team makes sure they have important certifications and their work is top tier. Background checks and continuous validations are done consistently for every Striker to ensure that their work is excellent.

What are the Strikers?
top arrow

Strikers are part of Strike's global community of Ethical Hackers. They are certified with worldwide recognitions and certifications such as OSCP, OSWE, OSCE, or CREST. Strikers work from all over the world in a decentralized way, so there will always be one that matches perfectly with your pentesting needs.