Promithic Pen Testing

Promithic Pen Testing

About Promithic Promithic was founded in 2018 by a team of security professionals who understood the immediate need for a fresh approach to dealing with today's security threat landscape. Our people possess decades of accumulated specialist expertise working in the defence, technology, telecommunications, critical infrastructure, and financial sectors. Team details and references provided on proposal and under MNDA.

Solution Summary

Promithic provides the following assessment / penetration services: Core Security
  • Infrastructure / Adversarial Simulations / Active Testing / Red Teaming / Assumed Breach / Threat Emulation/ Ransomware Simulations / Attack Synthetics / Fault Injection / IoT Assessments / Critical Infrastructure / Physical Security Assessments
Application Security
  • Web / Mobile / Native Apps / Secure Code Review / DevSecOps / Threat Modelling / Cloud Assessments
Specialised Services
  • DFIR / Simulations & Training / Purple Teaming / Tech Strategy & Advisory

How to Contact / Get a Quote

If you are interested in talking to Promithic or would like to get a quote, please click on the link below and register your interest. We will then do an email introduction for you.

StrategyMix Buyer Group Ratings

Signin to rate this solution

Promithic: How we work plus our Testing methodology

We focus on building enduring partnerships with our customers to ensure the strongest possible foundations and defences to protect against current and future information security threats. The security threat landscape is a highly dynamic one – preparedness dictates continuous knowledge and improvement.

Our approach? See the wood and the trees.

  1. Evaluate threats at each trust layer: Device, User, Transport, Application, Data.
  2. Direct offensive efforts to compromise high value, exposed objectives.
  3. Inform iterative strengthening of security posture.
Security methodologies adopted by Promithic are tailored to client and project requirements. An initial fact-finding / discovery meeting establishes what methodologies will provide the most secure, efficient, and ROI-optimised project / operational outcomes. Specific methodology details are provided on proposal and under MNDA.

Promithic: Vulnerabilities we’ve found (no names)

At a high-level, vulnerabilities we have identified and exploited range from ACSC TLP amber designations and include conference system takeovers all the way to complete facility access including control of boom gates at chemical facilities. As an organisation, we approach engagements with a threat-oriented mindset, as opposed to strictly focussing on vulnerabilities.

Promithic: Our Testing Deliverables

Testing deliverables are tailored to specific engagements. Deliverables can include anything from execution of custom ransomware simulations through to purpose-built adversarial simulation reporting and debriefs. Complimentary regression testing is included where applicable. Sample, anonymised deliverables are available on proposal and subject to MNDA.