Penetration Testing as a Service

Continuous, relentless pentesting without compromises

Contact Us

It’s PTaaS without loss of quality.

We’ve taken Penetration Testing as a Service (PTaaS) to the next level, providing a continuous pentest of your system vulnerabilities.

With Raxis PTaaS, you have the power of an experienced pentesting team continuously monitoring your system for emerging security threats at all times. We’ll start with a baseline full pentest and add in continuous vulnerability scanning to help us laser focus on anything that changes. We’ll manually pentest those changes, including pivoting to internal systems when possible.

FACT

Using the skills of expert pentesters and state of the art software, PTaaS detects emerging threats as quick as a vulnerability scan without the hassle of false positives.

Raxis Penetration Testing as a Service

PTaaS Process

PTaaS Functions

When we set out to build a PTaaS or continuous pentest offering for Raxis, we had a lot of concerns around reducing quality and the impact that would have on our customers. To resolve this, we took the best parts of our traditional pentesting service and combined them with the best features of both PTaaS and continuous pentesting.

Annual Penetration Test

Our PTaaS process begins by establishing the baseline. We start with a traditional penetration test and provide recommendations to improve your security. This is the same full pentest that we perform on your entire scope if you currently use our stand-alone annual pentest. We’ll work closely with you to remediate any findings to ensure your network is protected before starting the monitoring process.

Continuous Anomaly Detection

Next, we’ll configure our anomaly detection software to scan your network for changes and emerging threats. We may request that you whitelist our IP addresses to ensure that we are not blocked by our repeated scans. In the event a security risk is uncovered, our anomaly detection software will evaluate the risk for severity and potentially route to a Raxis pentesting engineer that is best matched to the finding. Every finding and the current status of the PTaaS operation is visible at all times within Raxis One.

Incremental Penetration Test

The incremental pentest stage activates if our anomaly detection engine determines that a risk exists. If it’s a false positive, we will notate that in Raxis One, and you won’t hear from us. In the event that the finding poses a significant threat, we will immediately notify you of the potential threat and then perform a pentest against the specific element to determine credibility. As with our other pentests, this incremental pentest will include a proof of concept with screenshots and remediation recommendations to help you stay secure.

On Demand Pentesting

Sometimes you’ll need a pentest done to get a major change approved and released to production. Raxis PTaaS works similar to our competitors in the sense that you can quickly schedule a pentest to be done in just a few days using a pre-defined cost, while retaining the quality of career professional, US based pentesters. In addition, Raxis PTaaS moves as fast as a bug bounty program, without the privacy concerns.

Raxis Pentetration Testing as a Service Specifications

tl;dr

  • Continuous Penetration Testing using AI technology
  • On demand Penetration Testing available for enrolled platforms via Raxis One
  • Powered by Raxis One, a secure web interface for all Raxis services
  • Raxis utilizes the same tools and techniques as a blackhat hacker
  • Predictable timeline for the assessment
  • Exploitation, pivoting to other in-scope systems, and data exfiltration in scope
  • Remote internal network access option available via Raxis Transporter
  • Optional re-test to validate remediation
  • Adheres to the MITRE ATT&CK framework
  • Meets or exceeds requirements for NIST 800-53, NIST 800-171/CMMC, PCI, HIPAA, GLBA, ISO 27001, and SOX compliance
  • Available as a monthly or annual subscription
©2023 Raxis LLC - All rights reserved.