qSEAp’s Remote Pentesting Framework is created to address a specific issue of most enterprises today. To create a secure, data leakage proof setup, that can be accessed by a remote user to conduct pentesting activities in an organization. QRPF can be used by multiple vendors connecting to an organization network over VPN, without any need of installing pentest tools or software.
|Restriction of onsite consultants due to pandemic situation.||Enables remote access to conduct pentesting of internal applications in a secured environment, eliminating the troubles of calling onsite consultants.|
|Fear of data loss/exposure to vendors while testing internal critical applications through VPN/ Remote connecting applications.||Encrypted access from anywhere, eliminating the possibilities of data loss/exposure.|
|Inability to provision appropriate tools required for pentesting for fear of abuse.||Provision of customized machines with specific tools to full fledged pentesting OS at the click of a button.|
|Longer wait times to provide systems access to vendors.||Multiple vendors can access machines for various tests.|
Deployment of Product
Deployment is as easy as loading a Virtual Machine Image file into Vsphere/ESXI or other virtualization platforms. Setup is available in OVA, VDI, VMDK images.
Pentesters can access the containers via a web browser and perform pentesting from within their browser.
Based on the type of underlying OS (Debian/Windows), our VDI will contain our proprietary software with docker containers. In the case of Windows OS, licenses should be provided by the customer.
Support provided if needed to be installed on Bare-Metal Hardware.
Containers will be customized to have the approved list of tools for pentesting.
Customers can upload multiple VMs and assign user access to VM’s through the admin module of the web GUI of applications.
VM will automatically start the required services and provide a web UI to a user connecting from remote machine. Only port 443/80 is required to be open for intended users.