⚙️Active Testing

Once the test has started, leave the rest to us.

We may contact you in the event of:

• We have follow-up questions if we encounter something that was not discussed previously.

• We encounter any issues with the testing environment which represents a blocker.

• We encounter critical severity vulnerabilities that represent an imminent danger to the system or your organization. Such issues should be reviewed and addressed as soon as possible. All other vulnerabilities will be communicated as a part of the final report.

We are flexible on communication format and are happy to converse through email or a shared Slack channel. Feel free to reach out if at any point testing activities have become adversely disruptive and you need us to pause temporarily. Our IP will also be provided as a part of the pentest checklist; this should be shared with your Operations/Security team so they can distinguish between testing activities and actual security events should they arise during the testing dates.