Skip to content
About Us
Our Team
Testimonials
Careers
Services
Penetration Testing
Application Security Testing
Source Code Review
Research Projects
Work From Home Service
Resources
Blog
In the News
Certification Program
Contact Us
Project Intake Form
Project Intake Form
Netragard
2020-07-06T16:04:32-04:00
Contact Information
Company Name
*
What is the full legal name of your company?
Company Website
*
Please provide your company website/URL
Name
*
First
Last
Email
*
Phone
*
Please explain your testing needs in your own words.
*
Why are you testing and what concerns you the most? Have you had previous tests and what were they like? Are there any delicate systems should be avoided? What are your biggest security concerns? What are you trying to accomplish, what is your goal?
Technical Information
Notice:
The following questions are designed to collect technical information about your project. Netragard will use this information to diagnose the exact workload for your project through a process called Attack Surface Mapping (ASM). This diagnosis is a requirement for genuine penetration testing. If the information that you provide is incorrect or incomplete then the proposal will also be incorrect. Please check "I agree" to continue.
I Agree
What type of test are you looking for?
*
External Network Penetration Test
Internal Network Penetration Test
Web Application Penetration Test
iPhone or Android Security Testing
Other / Custom
Context: External - From the Internet / Internal - From the Local Area Network (ie: as an employee working from the office or data center)
External Network Penetration Testing Targets
External IP Addrss List (Internet connectable IP addresses that you want tested). See important note below.
*
IMPORTANT NOTE: Your form will be rejected and you will be required to repopulate the form if you do not provide IP addressing information. This information should be provided in CIDR notation whenever possible.
Internal Network Penetration Testing Targets
Internal IP Address List: (Internal / LAN IP Addresses that you want tested) See important note below.
*
3.238.70.175
IMPORTANT NOTE: Your form will be rejected and you will be required to repopulate the form if you do not provide IP addressing information. This information should be provided in CIDR notation whenever possible.
How many live systems do you have in your internal environment?
*
Could you give an approximate count for: a) workstations, b) windows servers c) *nix servers d) other devices (e.g. network switch/routers, printers, IOT, etc.)
*
For the Windows/*NIX servers, could you give us a rough estimate of the number of physical server vs. virtual server?
*
How many subnets do you have configured in the corp. environment? Are these subnets restricted (firewall, access list)?
*
Web Application Testing - Perspective
SELECT ONE ONLY - Credentialed or non-credentialed web application testing (select credentialed if mixed).
*
CREDENTIALED TESTING
: We want credentialed testing and will provide login information. Testing should be carried out from the perspective of a user with an account and from the perspective of a user without an account.
NON CREDENTIALED TESTING
: We do not want credentialed testing and will not provide login information. Testing should not be carried out from the perspective of a user with an account. Netragard should not request or attempt to create an account.
Web Application Targets for unauthenticated testing only.
*
Web Application Targets for Authenticated Testing Only [MUST PROVIDE CREDENTIALS]
*
Threat Information
iOS / Android
For Android / iOS / Custom Security Testing: Please provide as much detail as possible about your testing needs. We are particularly interested in understanding why you are testing, what you are testing, and if you have tested before. We are also interested in understanding the technical aspects of what you need tested. The more detail the better.
Threat augmentation modules enable our teams to produce elevated levels of threat. Those threat levels can be anything from basic to genuine nation-state. Please select all that apply.
Social Engineering (Targeted attacks designed to breach the network, includes targeted phishing & RADON)
Statistical Phishing (Test a large number of users, see who clicks)
Physical Security Testing ( Attempt to breach the physical office )
Wireless Security Testing (OnSite)
Distributed Metastasis (Also known as pivoting. The act of propagating penetration throughout a network)
Watering Hole Attacks ( http://en.wikipedia.org/wiki/Watering_Hole )
Stealth (Avoid detection during testing. Used to test IDS/IPS/IR)
Custom (Create your own below)
Create your own threat
If you selected the "Other" box above, then please define the threat that was not included above.
Business Information
Which one is most important to you?
*
Project cost is most important.
Project quality is most important.
What price range are you expecting this proposal to come in at?
*
$10,000 - $14,999
$15,000 - $19,999
$20,000 - $29,999
$30,000+
We are asking you this to make sure that your expectations are realistic with regards to testing.
When do you expect this project to start?
*
Immediate
This month
Next Month
This quarter
Other (Please specify below )
Other project start dates (if you selected other above)
How did you find us?
*
Web Search
Google Ad
Blog
Social Media
Referral
News
Other
Referral/Other
Have you purchased or received a third party penetration test before?
*
Yes
No
How was your last penetration test priced? For example, were you quoted a price per IP Address or the number of lines of code?
Who delivered your last penetration test? (Company name)
Please select the boxes that best describe your last test.
Breached the network
Breached the domain
Performed Social Engineering
Used pseudo-malware & infected systems
They were covert, we didn't detect their activity
Some systems crashed
Some networks crashed
The last test caused damage
Performed phishing (against a select number of people)
Performed phishing (against most employees)
We were highly satisfied
We were moderately satisfied
We were slightly satisfied
We were dissapointed
We wanted a real penetration test but feel like we got a scan instead
We would recommend them to others
We would not recommend them to others
Please describe the testing process from start to finish for the last penetration test you received.
What type of data does your network contain?
*
Payment Card Information
Personally Identifiable Information
Sensitive Customer Lists
Payroll / Salary Information
Company Finance Data
Partner Finance Data
Classified Information (TOP SECRET, etc)
Source Code
Legal Data
Patent & Design Information
Other
Other type of information?
How concerned are you about being compromised by malicious hackers?
*
Not at all Concerned
Slightly Concerned
Moderately Concerned
Highly Concerned
What is the worst that could happen if a malicious hacker compromised your data?
*
Not damaging at all
Slightly Damaging
Moderately Damaging
Critically Damaging
It would put us out of business
How confident are you about the security of your network?
*
Not confident at all
Slightly Confident
Moderately Confident
Highly Confident
Tweet
Share
Share
Pin
