Tag Archive for Non-functional Testing
Partnership

Tenendo has excellent experience partnering with PCI QSA, software development and cybersecurity companies. We have qualified technical resources and are working on expanding our partner network.
Client-Bank application compromise

This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws.
Internal adversary simulation

The adversary simulation activity allowed the security team to demonstrate a complete compromise path while not using any usual, “exploitable” vulnerabilities.
Infrastructure penetration testing

Infrastructure penetration testing focuses on the security of both the application environment and the supporting infrastructure, including third-party services and applications. The testing is performed with a combination of manual and automated techniques, tailored for the specific environment.
Application penetration testing

For all penetration tests, our team collects relevant information about the scope, develops an attack surface, and begins an extensive manual and automated search for vulnerabilities and applicable attacks.
Social engineering assessments

Social engineering is an attack that requires human interaction, persuading employees of the target company to act, such as opening a malicious document or providing authentication credentials.
Adversary simulation

Adversary simulation assessments allow to completely emulate the actions of a malicious individual and trigger proper security team response.
Performance testing

Performance testing allows us to predict and monitor the system load in order to optimize infrastructure and development requirements. Our service seamlessly integrates performance testing into your existing testing processes.
Secure Software Development Life Cycle (Secure SDLC)

Build and maintain a mature process of secure development and confirm its compliance with the industry standards (HIPAA, PCI DSS, ISO/IEC 27001, SOC2, NIST, CCPA, and GDPR).