Kryptus’ Pentest 360° solution, adopted by sectors such as industry and health, identifies vulnerabilities, evaluates attack scenarios and recommends prevention measures
Corporate spending on information security is expected to reach US$ 219 billion by the end of this year, according to a survey by market intelligence consultancy IDC. The same study points out that, by 2026, investments in the area will amount to US$ 300 billion. These figures reflect the increasingly prevalent tendency among managers to anticipate emerging cyber threats, which includes establishing solid partnerships with qualified suppliers and incorporating cutting-edge solutions with a focus on preventative measures for the coming years.
“Organizations are understanding the complexity involved in contracting cybersecurity vendors and are preparing more carefully. Defining the scope, establishing a budget, Governance, Risk and Compliance (GRC) policies and identifying all those involved in the process are essential steps to ensure the success of the partnership,” explains Rafael Cividanes, cybersecurity director at Kryptus, a Brazilian multinational specializing in cryptography and information security.
In line with its clients’ strategic planning, in the first half of the year alone Kryptus provided more than 10,000 hours of Pentest services, a 360° solution for companies in the industry and health sectors, including the identification of network vulnerabilities and assessment of the extent of the damage of a possible invasion. “These segments in particular need to frequently assess the security of their digital connections and sensitive information, dealing with issues such as exposed API’s, such as areas with login and password access, and massive amounts of data, documents and electronic medical records,” says Cividanes.
Pentest includes exhaustive manual tests conducted by experts to broaden the coverage of the assessment, adapting to specific scenarios. In addition, the solution contributes to information security governance, generating KPIs for threat treatment and providing recommendations for remediation and preventive measures.
The possibility of contracting it as a package of services is another benefit of Pentest. This allows for greater planning of security activities, such as testing and consultancy, and can cover a period of six to 12 months, which enables better coordination with the development and vulnerability correction teams. This ensures greater test coverage across the client’s portfolio and structure, as well as avoiding overloading internal teams.
“This flexible and cost-effective approach to Pentest is an excellent option for those who are in the process of contracting suppliers and need to meet the security needs of different areas. With the service package, our customers have the freedom to target services to specific areas of their operations. The variety of the Pentest 360° service portfolio also allows for more comprehensive and targeted protection against cyber threats and, if contracted in advance, can be even more advantageous,” concludes Cividanes.