Question 1

How long does a penetration test take?

Accepted Answer

Our pentests are scoped as once-off engagements. A standard web application pentest typically takes 5-10 business days depending on the scope and complexity of the application. Infrastructure tests vary based on the number of IP addresses and network segments. We provide a detailed timeline during the scoping phase.

Question 2

Will penetration testing break our production systems?

Accepted Answer

We take every precaution to avoid disruption to your production environment. Our testers follow a carefully controlled methodology, and we agree on testing boundaries beforehand. For sensitive environments, we can test against staging or pre-production systems first.

Question 3

What certifications do your penetration testers hold?

Accepted Answer

Our penetration testing work is backed by practical training including PWPP, PWPA, Web Application Security & Testing, Mobile Application Penetration Testing, Practical Ethical Hacking, and Practical Malware Analysis & Triage through TCM Security.

Question 4

Do you provide remediation support after the test?

Accepted Answer

Yes. Every engagement includes a detailed report with prioritised remediation guidance. Higher-scope assessments include dedicated remediation support calls where our testers walk your development team through each finding and recommended fix.

Question 5

How is AI/LLM penetration testing different from traditional pentesting?

Accepted Answer

AI pentesting focuses on unique attack vectors like prompt injection, jailbreaking, data leakage through model outputs, and adversarial inputs. It requires specialised knowledge of machine learning systems and the OWASP Top 10 for LLM Applications.

Features	LLM Assessment	Full AI Audit
Prompt Injection Testing
About Prompt Injection Testing "Testing resistance to prompt injection attacks"
Data Leakage Assessment
About Data Leakage Assessment "Checking for unintended information disclosure"
Model Supply Chain Review
About Model Supply Chain Review "Auditing model dependencies and third-party components"
Adversarial ML Testing
About Adversarial ML Testing "Testing model robustness against adversarial inputs"
Custom Threat Model
About Custom Threat Model "Bespoke threat model tailored to your AI deployment"

AI & LLM Security Testing

Assessment Scope

LLM Assessment

Full AI Audit

What's Included

Frequently Asked Questions

Secure Your AI Deployment