Share

Scoping Questionnaires

Scoping Questionnaires

Gaining a clear understanding of your requirements

Canary Trap adheres to industry best-practices and accepted methodologies (e.g. OSSTMM, OWASP) and a strong code of ethics surrounding any of the security services we offer our clients.  Our security experts who undertake any work effort on behalf of our customers are security practitioners who maintain the necessary experience, expertise, credentials, and certifications to deliver a world-class engagement.

Security testing can range in several varieties and include internal and/or external penetration testing, vulnerability assessments or Quality Assurance Testing (QAT).  From testing one specific application against known vulnerabilities to far‐reaching tests where no vulnerability information is provided, and every system and network is in‐scope. Canary Trap’s security experts will go as far as to gain control of systems, applications and networks by any means -or- simply illustrate how control could be gained without taking the steps necessary to accomplish the objective. We always use safe and non-destructive methods of attack.

The following questions are intended to provide us with an initial overview of the service(s) you’re interested in along with some preliminary data that will enable us to facilitate a focussed scoping call.  We ask that you review each of the below questions and answer with as much detail as possible. In the event  that  you’re  not  able  to  answer all of the below questions, please move forward to provide as much information as possible and we’ll reach out to schedule a scoping call with one of Canary Trap’s security experts who will review each question with you to ensure adequate information is obtained.

We are required to obtain written permission by an authorized representative to undertake security testing against any target(s).

Gaining a clear understanding of your requirements

Canary Trap adheres to industry best-practices and accepted methodologies (e.g. OSSTMM, OWASP) and a strong code of ethics surrounding any of the security services we offer our clients.  Our security experts who undertake any work effort on behalf of our customers are security practitioners who maintain the necessary experience, expertise, credentials, and certifications to deliver a world-class engagement.

Security testing can range in several varieties and include internal and/or external penetration testing, vulnerability assessments or Quality Assurance Testing (QAT).  From testing one specific application against known vulnerabilities to far‐reaching tests where no vulnerability information is provided, and every system and network is in‐scope. Canary Trap’s security experts will go as far as to gain control of systems, applications and networks by any means -or- simply illustrate how control could be gained without taking the steps necessary to accomplish the objective. We always use safe and non-destructive methods of attack.

The following questions are intended to provide us with an initial overview of the service(s) you’re interested in along with some preliminary data that will enable us to facilitate a focussed scoping call.  We ask that you review each of the below questions and answer with as much detail as possible. In the event  that  you’re  not  able  to  answer all of the below questions, please move forward to provide as much information as possible and we’ll reach out to schedule a scoping call with one of Canary Trap’s security experts who will review each question with you to ensure adequate information is obtained.

We are required to obtain written permission by an authorized representative to undertake security testing against any target(s).

Choose your Service and submit the appropriate

Scoping Questionnaire:

Web & Mobile Application Penetration Testing

External Vulnerability Assessment & Penetration Testing

Security Awareness Training

Wireless Security Assessment

Incident & Breach Response

Quality Assurance Testing

Internal Network Penetration Testing

Threat Risk Assessment

Web & Mobile Application Penetration Testing

External Vulnerability Assessment & Penetration Testing

Security Awareness Training

Wireless Security Assessment

Quality Assurance Testing

Internal Network Penetration Testing

Threat Risk Assessment