Penetration testing
Expert-led penetration tests of your applications, perimeter, and cloud — with findings published to your portal as testing progresses, not weeks later in a PDF.
3 findings published · testing continues · day 4 of 10
What we test
Apps · APIs · Auth flows
Authenticated and unauthenticated testing of your web apps and APIs against the OWASP Top 10 and beyond — access control, injection, session handling, business logic.
Perimeter · DNS · Exposed services
Your internet-facing perimeter, the way an attacker sees it: exposed services, stale DNS, weak TLS, leaked credentials, and the paths between them.
IAM · Network · Storage · Logging
A configuration-level review of your AWS, Azure, or GCP estate — IAM policies, network boundaries, storage exposure, logging gaps — mapped to hardening baselines.
Something else in mind — mobile app, internal network, bespoke scope? Tell us what you need.
Methodology
Every engagement runs through the same four stages, tracked in your portal from the day scoping starts to the day the last fix is verified.
01
We agree targets, test windows, credentials, and rules of engagement together — so testing is thorough where it matters and safe everywhere else.
02
Cholds testers work the scope manually, tool-assisted where it helps. Findings are published to your portal as they're confirmed — no waiting weeks for a PDF to learn about a critical.
03
A full report lands in your portal: executive summary for leadership, and per-finding detail — severity, affected assets, reproduction steps, remediation guidance — for your engineers.
04
Fix, then request a retest per finding from the portal. We verify the fix, update the finding's status, and issue a retest letter you can hand to customers and auditors.
Deliverables
Everything lives in the same portal Cholds compliance customers already use: findings from the moment they’re confirmed, the final report, and the retest record.
Get started
Tell us what you’d like tested and we’ll come back within one business day to scope it. Already a Cholds customer? Request a pentest from your portal.