How We Help Clients

“NetSPI has not only delivered some of the most actionable and insightful recommendations through the course of the engagement but has also been very collaborative in how we can improve the true program.”

“The brain trust behind the NetSPI subject matter experts – the testers, the program management team, the support team, the innovation team – they’re working to make real value in the process itself so that I can talk about risk from a risk management perspective, not just from a vulnerabilities perspective. I don’t see that in a lot of other vendors.”

“From working with NetSPI, my team has been able to demonstrate our ability to prevent, detect, and respond to threats more effectively with the investments in our security stack.”

In this edition of the NetSPI Field Notes, learn how NetSPI consultants discovered a client’s application server was returning privileged user keys to unauthenticated users.

Explore the field notes of NetSPI’s penetration testing experts, covering vulnerability research and other cool penetration testing stories.

“I would recommend anyone who is considering developing a relationship with an external penetration testing partner or web app security testing partner to consider NetSPI. They’ve been flexible, adaptable, they’re responsive, and we feel that the work that they have done is quality work that has helped us to continually improve and keep our product safe and secure.”

“The quality of NetSPI’s deliverables stood out to me. The fact that remediation testing is included in NetSPI’s pricing is huge. That is not something you commonly see from other penetration testing companies.”

“If you’re looking for the opportunity to work with a company who really understands the penetration testing space and is really forward-looking in how they do it, NetSPI’s a great option… it really is the full package to help build out a program and augment what you’re doing internally.”

“We engaged NetSPI to support us in a variety of data security and penetration testing services ranging from our infrastructure all the way to our mobile apps. We store patient data and hold confidential information from lab results and other personal data. It’s of utmost importance to keep this entrusted data safe while it’s in our stewardship. We particularly appreciate the flexibility of working with NetSPI and their ease of identifying areas of risk.”

The results were easy to view and digest, meaning I could go in and resolve some of the issues to harden our network immediately. I feel like our environment is definitely better from having that penetration test and taking the time on remediation steps.

The NetSPI team is easy to work with. They gave all vulnerabilities to our team through a very easy process and the results were clear, making them easy to remediate. In addition, Resolve™ is easy to access and communicate through.

I’ve been through multiple pentests over the years, and I’ve been very pleased with the breadth and depth of the work NetSPI has done for us and the ease of reporting and reviewing of results.

“The results we’ve received from NetSPI are higher quality – they’re real issues and not just automated scan results… Since the results are a much higher quality, our team doesn’t have to spend significant time filtering through the results. We only get the important issues – so our time and energy are focused on what matters.”

Prior to deploying Resolve, we relied on a collection of manual processes to manage our vulnerability data. There was no workflow capability and the process required a tremendous amount of manual effort. The Resolve solution allowed us to streamline the process, providing a one-stop shop for our vulnerability triage processes.

“NetSPI has worked exceptionally well with all groups within MnSCU to ensure that policy and recommendations apply to all of the very different groups in our organization. NetSPI’s strong understanding of organizational requirements, IT, and IT security, have made them a key resource in developing and implementing portions of our security program.”

“NetSPI has excelled at interpreting regulations and applying them at our nuclear plants. NetSPI consultants understand nuclear plant operations and their IT security risks.”

“Their processes are very structured. Everything happens the same way every time. There are no surprises. And their reports are phenomenal compared with some of the others we have seen. They are way above any one else.”

“The NetSPI folks were incredibly creative; any skepticism we might have had evaporated when we saw how quickly deliverables started appearing. They understood our developers’ concerns and started working on revisions of our security requirements, translating general statements into actionable specifics.”