What is a Credit?
We offer a range of credit packages that unlock our managed security testing, but what are credits?
Credits enable your teams to access security testing without the need for lengthy procurement processes. Simply assign your engineers an allotment of credits that they can draw from as and when they need.
Credits can be used to commission bitesize assessments, referred to as Tasks. Alternatively, credits can be used to validate remediation or test for false positives from automated scans.
Tasks put the control back in your hands by empowering you to choose the focus, depth, and priority of security testing. Generally this means assigning a task for each material feature or vulnerability group that you’d like us to test, but tasks can be as specific or general as you require.
The following are some examples of tasks:
Every task will detail the scope, the objective, and any constraints. This means that where you’d like a task to cover a broad functionality we can be fully transparent about any constraints that might have so that you can make a risk-based judgement.
We can support you in understanding how many tasks you might need during our initial discovery exercise, and your dedicated testing cluster is always on hand to update and amend tasks as your assets develop and change.
A task bundle can be created to enable Baseline testing. This is a collection of tasks that have been strategically combined to establish a point-in-time understanding of the security posture of an asset, or collection of assets.
The true power of tasks begins to be unlocked through Iterative testing. As soon as your team complete a development sprint, you can commission a task that focuses on the incremental change without the need to do a full baseline test every time.
What’s more, by integrating Cytix into your existing workflow, we can setup triggers to automatically commission tasks every time there’s a major change. That way you can be confident that every time code is pushed into your master branch or a ticket is closed in Jira, we’ll be ready to help.
With Continuous testing you set the number of tasks you’d like completed each month and we’ll do the rest. This always-on approach has all the benefits of a bug bounty program with the bonus of being delivered by a trusted partner with full understanding of you and your systems.
The advantages of continuous testing are huge, from constantly being tested against the latest published exploits, to being able to clearly track your performance over time, you can rest easy in the knowledge that we’re always in the background working away.
Validation credits can be used to help manage vulnerabilities through their lifecycle.
A validation credit can be consumed to investigate a specific finding identified by automated scans. This can be useful in removing false positives that create noise and to enrich findings with context that enables you to make pragmatic decisions about how to prioritise your vulnerability management programme.
A validation credit can also be used to validate a fix applied by an engineer for a known vulnerability, to ensure that it has been applied correctly.
Get a Free Trial From Cytix
Haven’t tried Cytix yet? Try our free trial to see how it works.Get a Free Trial
Start Detecting Vulnerabilities Others Miss Today
- Detect Vulnerabilities Faster
- Patch Vulnerabilities Faster
- Be more compliant