Pentest - datami
Loading...

Pentest —
Penetration Test

  • We will check your website’s security level
  • We will simulate the actions of an attacker and demonstrate all the possible ways to hack your website
  • We will eliminate vulnerabilities and retest
from
$1300
Order
Find out more
When and why to
perform a pentest?
1 /
Reason 1
To check if the current level of protection will withstand an intrusion attempt by a potential attacker
Reason 2
To train staff in close to real conditions and make sure that you are prepared for unforeseen incidents
Reason 3
To make sure before launching a new version of the website that there are no vulnerabilities in development
We recommend you regularly perform a resource pentest. Preventing hacking is cheaper and safer for business than recovery.
Work algorithm
1. Consultation
We receive a request and provide a free consultation
2. Diagnostics
We agree on a diagnostic and audit plan according to individual needs
3. The contract
We sign a service and NDA contract
4. Payment
Receiving payment and necessary access in accordance with the selected work format Black, White, GrayBox
5. Work
We carry out work within 4-5 business days
6. Report
We provide a detailed report and recommendations on securing the website
Here are 10 examples of how a cybercriminal can harm your business

1 /
Delete website
To find the vulnerability and delete the website forever. Often this can be done by a 15-year-old guy who, after watching video lessons in the public domain decided to "have fun" and test his skills. An unprotected website becomes a victim of an underhacker
To hack admin panel
To take your business and demand a ransom. You lose control of the website until you pay
To steal database
1. To block access to data
2. To sell to competitors and other companies
3. To send spam and false promotions to customers on behalf of the company in order to obtain financial benefits
To steal traffic
To install a redirect on your website that will redirect some of the target users to a competitor’s website or any other resource. Place advertising banners on your website
To lower in SERP
To install malicious code on the website. When a code is detected, Google will block or move the website to low positions in the search result
To hack promotions
And to buy the goods for a penny
To steal payment card data
Through advertising platforms or web analytics services, a malicious script will be introduced on the online payment page to steal payment card data
To encrypt valuable files
Cryptolockers will place a virus that encrypts valuable files under a hard password. For the return of important data will require a large amount of money
Stealing the power of your server
To use your server for hidden cryptocurrency mining
To use your server for the mass attack
When planning large attacks, black hackers will use your server to store their “weapons”. They will place a sleeping malicious code that will sleep until it is sold
We use our own methodology conducting a pentest

Based on the experience of working with more than 400 clients, which takes into account the standards of world institutions specializing in data security:
Open Web Application Security Project (OWASP) Testing Project
The Penetration Testing Execution Standard
ISACA IC auditing procedure «Security assessment- penetration testing and vulnerability analysis»
Testing Strategies
Frequently asked questions
About service
About company
How often is it necessary to conduct a pentest site?
It all depends on the traffic on your resource, its growth and growth in the amount of data received or transmitted between users and your site. The frequency of the pentest also depends on the appearance of new threats, viruses and malware. We recommend doing a pentest 1-2 times a year, at least.
How is your company different from other companies with similar services?
Our company Datami was created because of the need to ensure the security of our online store. Back in 2016, for our large online store in Ukraine in terms of technology, it was necessary to organize safe transactions and the smooth operation of our servers, as well as protect the data of our online customers. At that time, we could not find a company in Ukraine that could provide us with such a level of protection. Therefore, it was decided to form our own IT security department. In the future, this department not only ensured the safety of our other projects but also grew to a company that today is able to protect a website of any complexity. Therefore, we probably understand the needs of online businesses more than others, having gone through the stage of searching for contractors for IT security.
What can happen to my website when you get access?
We do not get access to your websites. We provide its protection and provide you with all the accesses as the owner of the site. We also sign all the necessary documents under the NDA and bear full legal responsibility under the legislation of Ukraine. We are a technology company for which a reputation in the market is extremely important and its loss may have a high price. Therefore, we are not interested in creating risks for you.
Why should I trust you?
Because you, as a client, are much more valuable to us than we, as a contractor, to you. The cybersecurity market in Ukraine is not large. Consequently, the loss of our reputation will cost us much more than the cost of our services for you
Do you operate only in the field of websites security?
We protect all information assets of your company. It can be databases, applications, data of your customers or clients, internal document management, archives or applications for smartphones. All that is information and must be protected can be ensured by our protection.
How many people work in the company?
As of June 2020, the company employs 8 people. We also involve remote specialists who help to cope with more complex tasks, when it is necessary.
What risks do you assume during the cooperation?
We are only liable for what we come into contact with and to which we gain access from you. We are also responsible for all the terms that we indicate in the contract. For example, if you buy our 24/7 around the clock protection of your website, and after some time it was hacked, then we will undertake to restore all the information that has been lost at our own expense.