Frequently Asked Questions

Penetration testing, often referred to as pen testing, is a simulated cyber attack on your systems and networks to identify vulnerabilities and security weaknesses before malicious hackers can exploit them.

Vulnerability scanning is an automated process to identify known vulnerabilities in systems and applications. Penetration testing, on the other hand, is a more comprehensive and manual approach that simulates real-world attacks to identify both known and unknown vulnerabilities.

We follow industry-leading standards including the OWASP Testing Guide, Penetration Testing Execution Standard (PTES), and NIST SP 800-115 to ensure thorough and up-to-date testing methodologies.

Yes, we can send you a redacted sample Penetration Test report. Please, contact us in order to get the report.

Yes we offer both a Free plan and a Free Trial for our vulnerability scanners.

We offer Pen Testing & VM services across all cloud providers (AWS, Azure, GCP, DigitalOcean, Oracle, etc), hybrid environments, and on-site/collocation data centers. 

We offer free initial consultations for all of our services. 

 To make top-notch security more affordable for emerging businesses, we are offering generous discounts of up to 50%.

CSPM detects security risks within cloud workload configurations. With CSPM, businesses can identify unintentional configurations that could make it easier for attackers to access sensitive information or breach their environments.

Yes we do have a referral/reseller program ideal for consultants and service providers. Learn more.

Yes, to protect the confidentiality of the information you disclose to us, we advise clients to sign a Non-Disclosure Agreement (NDA) before initiating any work. You can contact us to request a copy of our NDA or send yours for us to review.

PTG offers comprehensive penetration testing services, including assessments of web applications, APIs, mobile apps, internal and external infrastructure, cloud and on-premises environments, as well as application vulnerability management services.

PTG offers various security testing methods, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Infrastructure as Code (IaC) assessments, and Container Scanning.

PTG conducts internal and external vulnerability assessments to identify and address weaknesses in your systems, helping to ensure your digital assets are resilient against evolving threats.

PTG offers competitive fees that are a fraction of the cost of typical penetration testing providers.

Yes, PTG’s services adhere to high-level security frameworks, benchmarks, and standards such as NIST 800-53, FedRAMP, CIS, OWASP, and PTES.

PTG’s team members hold various security certifications and formal training, including CISSP, CISM, GIAC, and SANS.

PTG includes an online Web & Application Vulnerability Scanner that supports external (DAST) and internal scanning (SAST, SCA), as well as Cloud Security Posture Management in its plans.

PTG has extensive experience with popular compliance and auditing frameworks, including SOC 2, ISO 27001, PCI DSS, NIST, HIPAA, HITRUST, GDPR, CCPA.

PTG’s management team has over 50 years of combined experience in the field of IT and information security.

PTG has experience working with startups, cloud-native companies, SaaS providers, and Fortune 500 companies.

PTG assigns a dedicated security analyst/engineer and account manager to each account, with strict deliverables and service level agreements. Communication can be done through Zoom, Teams, Meet, private Slack channels, tickets, or email.

PTG’s security engineers are U.S.-based and U.S. citizens. PTG does not outsource or use crowdsourcing for its services.