Frequently Asked Questions (FAQs)

Ensure your organization's assets are properly evaluated and protected against cyber attacks

Cyber Legion Ltd is a UK-based cybersecurity start-up that provides IT security assessment services to various organizations around the globe.

Due to the increasing complexity of web applications, cybercriminals are finding more vulnerabilities that can be exploited. It is for this reason that web application testing and security is essential for all businesses.

Cyber Legion provides a continuous cycle of security testing combined with remediation via a Secure Client Portal, to protect and enhance your assets and help improve your organization's security posture.

We’re here to answer your most frequent questions about the services, tools, features and Cyber Legion testing capabilities. If you can’t find what you are looking for, make sure to Get in Touch with us so we can help.

FAQs

Product security is the practice of designing, developing, and maintaining products with built-in security features and safeguards to protect against cyber threats throughout their lifecycle.

Product security is crucial to safeguard sensitive data, protect user privacy, and maintain trust with customers. It helps prevent data breaches, financial losses, and reputational damage.

Security by Design is an approach that integrates security considerations into the product development process from the outset, ensuring security is an integral part of the product’s architecture.

Secure coding practices involve writing code that is resilient to security threats. Steps include input validation, using security libraries, regular code reviews, and conducting security testing.

Threat modeling is a structured approach to identifying, evaluating, and mitigating security threats and vulnerabilities in a product. It helps in understanding potential risks and making informed security decisions during the product development lifecycle.

A Software Bill of Materials (SBOM) is a comprehensive list of all software components, libraries, and dependencies used in a product. It helps in tracking and managing the security of these components, making it easier to identify and address vulnerabilities in your product’s software supply chain. SBOMs are essential for ensuring transparency and security in software development and maintenance.

Software composition analysis (SCA) is an automated process that identifies the open source software in a codebase. This analysis is performed to evaluate security, license compliance, and code quality. Companies need to be aware of open source license limitations and obligations.
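As an added example (not Cyber Legion code, and not the output of any real SCA product), the following Python script shows the kind of check that an SBOM and software composition analysis make possible: it parses a CycloneDX-style SBOM, matches each component's version against an advisory list with half-open affected ranges, and flags licences that appear on a deny list. The SBOM document, the component names, the advisory identifiers (ADV-0001, ADV-0002) and the licence policy are all constructed sample data.

```python
import json

# Constructed sample SBOM in CycloneDX JSON layout; component names are made up.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "examplelib", "version": "2.14.1",
     "purl": "pkg:maven/com.example/examplelib@2.14.1",
     "licenses": [{"license": {"id": "Apache-2.0"}}]},
    {"type": "library", "name": "jsonkit", "version": "4.17.21",
     "purl": "pkg:npm/jsonkit@4.17.21",
     "licenses": [{"license": {"id": "MIT"}}]},
    {"type": "library", "name": "textrender", "version": "8.1",
     "purl": "pkg:generic/textrender@8.1",
     "licenses": [{"license": {"id": "GPL-3.0-only"}}]}
  ]
}
"""

# Constructed advisory feed with hypothetical IDs. A component is affected when
# introduced <= version < fixed (half-open range, as most advisory formats use).
ADVISORIES = [
    {"id": "ADV-0001", "component": "examplelib",
     "introduced": "2.0.0", "fixed": "2.14.2", "severity": "critical"},
    {"id": "ADV-0002", "component": "jsonkit",
     "introduced": "4.0.0", "fixed": "4.17.21", "severity": "high"},
]

# Assumed licence policy: identifiers a proprietary product may not ship with.
DENIED_LICENSES = {"GPL-3.0-only", "GPL-3.0-or-later", "AGPL-3.0-only"}


def parse_version(text):
    """Turn '2.14.1' into (2, 14, 1); non-numeric pieces sort as 0."""
    parts = []
    for piece in text.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def load_components(sbom_json):
    """Extract name, version, purl and licence ids from a CycloneDX JSON document."""
    bom = json.loads(sbom_json)
    components = []
    for comp in bom.get("components", []):
        licenses = [entry.get("license", {}).get("id", "UNKNOWN")
                    for entry in comp.get("licenses", [])]
        components.append({
            "name": comp["name"],
            "version": comp["version"],
            "purl": comp.get("purl", ""),
            "licenses": licenses,
        })
    return components


def find_vulnerable(components, advisories):
    """Return (name, version, advisory id, severity) for every component whose
    version falls inside an advisory's affected range."""
    hits = []
    for comp in components:
        version = parse_version(comp["version"])
        for adv in advisories:
            if adv["component"] != comp["name"]:
                continue
            if parse_version(adv["introduced"]) <= version < parse_version(adv["fixed"]):
                hits.append((comp["name"], comp["version"], adv["id"], adv["severity"]))
    return hits


def check_licenses(components, denied):
    """Return (name, licence id) for components carrying a denied licence."""
    return [(c["name"], lic) for c in components for lic in c["licenses"] if lic in denied]


def audit(sbom_json, advisories=ADVISORIES, denied=DENIED_LICENSES):
    """Run both checks over one SBOM and return the findings."""
    components = load_components(sbom_json)
    return {"vulnerable": find_vulnerable(components, advisories),
            "license_issues": check_licenses(components, denied)}


if __name__ == "__main__":
    result = audit(SBOM_JSON)
    for name, version, adv_id, severity in result["vulnerable"]:
        print(f"[{severity.upper()}] {name} {version} is affected by {adv_id}")
    for name, lic in result["license_issues"]:
        print(f"[LICENCE] {name} ships under {lic}, which the policy denies")
```

Note that `jsonkit` sits exactly on the fixed version of ADV-0002 and is therefore not reported, while `examplelib` is one patch release short of its fix and is. In a real pipeline the advisory list would come from a vulnerability database keyed by the package URL (purl) rather than the bare name, which avoids false matches between ecosystems.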

Static Application Security Testing (SAST) is a frequently used Application Security (AppSec) tool, which scans an application’s source, binary, or byte code. A white-box testing tool, it identifies the root cause of vulnerabilities and helps remediate the underlying security flaws.

Dynamic Application Security Testing (DAST) is a black box testing method that examines an application as it’s running to find vulnerabilities that an attacker could exploit.

This scanning method can help to find certain vulnerabilities in web applications while they are running in production.

OSINT is raw data that is openly available to the public. It may include information like names, addresses, interests, and other personal details. Location and behavioral data, affiliations, and daily patterns are all important pieces of information that can provide an inside look into a target’s life.

A port scan is a method for determining which ports on a network are open. As ports on a computer are the place where information is sent and received, port scanning is analogous to knocking on doors to see if someone is home.

Penetration tests (or pen tests) are attacks on your company's software and hardware systems, carried out by ‘ethical hackers’ to expose your system’s vulnerabilities. One example is a web application pen test. Web apps, browsers and plug-ins can house sensitive financial or personal data, so hackers are increasingly putting their efforts towards gaining access to them. The test examines the endpoint of every web application.

The pay-as-you-go (PAYG) pricing model means that customers pay based on how many tests they consume.

A MULTI-DISCOUNT is available for multiple assets / targets.

An asset or a target is a system that we can scan/test against using our tools, e.g.:

  • example.com
  • IP 1.1.1.1
  • etc.

*As for the network, we scan everything, but if we find several different applications running on different ports, they are considered separate assets.

Security scanning, or vulnerability scanning, can mean many different things, but it can be simply described as scanning the security of a website, web-based program, network, or file system for either vulnerabilities or unwanted file changes.

Cyber Legion focuses on a modular security testing approach that includes commercial, open source and custom testing scripts, which can be run against targeted assets during the product's full development lifecycle, from design to production, in complete sync with the client’s processes and technology stack.

Using a Secure Client Portal, the latest and most advanced security tools and a commitment to innovation, we ensure that our clients continually benefit from professional cyber services to detect, prevent and respond to threats and cyber attacks.

We follow precise testing checklists and framework guidelines (OWASP, SANS, NIST, CREST, etc.) that ensure complete coverage of the security assessment.

Retesting enables programs to ask hackers to verify whether a vulnerability has been fixed, in order to confirm that their data is protected. If you submit a valid vulnerability report, programs can elect to invite you to retest the vulnerability to verify the fix.

You can add as many assets as you have and they will be added to the subscription. Depending on the number of assets, a certain discount will apply.

You can add more assets/targets to the scope or rotate the targets based on your prioritization model.

Once we have completed all the scans/tests, we’ll ingest all the discovery data into the Web Portal (2nd Portal) so that you can analyze, prioritize, view, track, report and fix any detected vulnerability.

Important: We’ll need to whitelist your IP addresses so that you can access the Portal.

Our Professional Security Engineers perform the scans and tests and provide you with all the resulting data through the web portal.

Vulnerability testing is an essential part of mitigating your organization’s security risks. By using vulnerability scanners to identify the points of weakness in your systems, you can reduce the attack surface that criminals might exploit, focusing your security efforts on the areas most likely to be targeted.

Identifying and fixing vulnerabilities will help you improve your security defenses, not just for your business but for your staff, clients, customers, and partners.

  • Identify weaknesses
  • Prevent attacks
  • Protect sensitive data
  • Protect reputation
  • Avoid fines and ransom costs

Unauthenticated Testing

This tests the hosts in scope for any identified vulnerabilities in software versions or configuration issues on exposed services. It does not log in to the system, and therefore does not run the more detailed checks that are only possible with local administrative user credentials.

Authenticated Testing

This tests the hosts in scope for any identified vulnerabilities in software versions or configuration issues by logging into the host as an administrative user. This performs a much more detailed review and covers patch checking and configuration issues for the unexposed services on the host. If you wish to check the patching levels of all systems across your network, an authenticated test is the best option.

Our specialized team of security professionals holds industry qualifications such as CREST, OSCP, CISSP, CISM and CEH, and cloud security certifications such as AWS, Azure and GCP.

We are an SC-cleared team, combining this with many years of industry experience at the highest level, working across all industry sectors. We are skilled hands-on engineers with a clear track record of implementing, running and managing security testing programs across various organizations.

Cyber Legion emphasizes a holistic approach to product security, integrating security by design, threat modeling, and continuous monitoring throughout the product lifecycle.

Cyber Legion provides security expertise across all stages of the product lifecycle, including design, development, testing, and post-market security assurance.

Cyber Legion specializes in guiding secure product architecture by identifying potential security risks and implementing design principles that mitigate threats.

Yes, Cyber Legion offers advanced tools and expertise to conduct vulnerability scanning, prioritize identified threats, and oversee remediation efforts.

Cyber Legion helps embed security into CI/CD pipelines by integrating automation for continuous monitoring, ensuring security is an integral part of the development process.

Yes, Cyber Legion helps organizations define Key Performance Indicators (KPIs) and generates strategic reports to measure and improve their cybersecurity posture.

Cyber Legion specializes in ensuring organizations comply with cybersecurity regulations, helping them avoid legal and regulatory penalties.

Security testing is a type of assessment that uncovers vulnerabilities in a system and determines whether its data and resources are protected from possible intruders. It ensures that the software system and application are free from threats or risks that could cause a loss.

This statement refers to Cyber Legion services that are delivered through Web Client Portals.

→ Web Portal 1 – Features & Capabilities 

  • Private & Secure Client Portal
  • NDA, Contract & Digital Signature
  • Estimates, Invoices & Payments
  • Work Request Scheduler
  • Client File Upload/Download
  • Complete Project Management Solution
  • Private meeting & messaging

→ Web Portal 2 – Features & Capabilities

  • Private & Secure Client Portal
  • Client Workspace
  • Real-Time Finding Analytics & Statistics
  • Assets & Vulnerability Details
  • Artefacts & Attack Path
  • Engagement & Testing Reporting

You can start for free by registering your account on the Secure Client Portal and benefit from a wide range of services, all at your fingertips.

To order our security services, you must register on the Cyber Legion client portal for free, sign the NDA and the consultancy service agreement, and submit and pay for the service using the Work Request Form.

Once these steps are completed and we have your approval for the targets within the scope of the scan/test, we can schedule the service according to your specified time frame.

On demand Security Testing Service References

A complete organization discovery, inventory and classification, risk scoring and security ratings, continuous security monitoring, and malicious asset and incident monitoring, with advanced security verifications/checklists – OWASP, SANS, NIST, CREST frameworks.

Sample of checklists

  • Web applications, services, and APIs
  • Mobile applications and their backends
  • Cloud storage and network devices
  • Domain/subdomains names, SSL certificates, and IP addresses
  • IoT and connected devices
  • Public code repositories such as GitHub, GitLab, and BitBucket
  • Email servers

Continuous full security research (penetration testing) suitable for networks, websites/applications, APIs and IoT devices, with advanced security verifications/checklists – OWASP, SANS, NIST, CREST frameworks.

You will pay only for severe findings, as below:

  • Critical severity flaw = £3500
  • High severity flaw = £2500
  • Medium severity flaw = £500
  • Negotiable for a large number of findings/assets

A complete startup security testing program suitable for networks, websites/applications, APIs and IoT devices, with advanced security verifications/checklists – OWASP, SANS, NIST, CREST frameworks.

A complete Security Managed Service package for your organization with advanced cyber security services such as Attack Surface Management, Vulnerability Assessment & Management, Risk Assessment, SAST & DAST scans, continuous vulnerability discovery, Penetration Testing, etc., to support your business and improve your security resilience.

A full DAST scan suitable for web apps, web services/APIs, networks, etc., with advanced security verifications/checklists – OWASP, CREST frameworks.

The Cyber Legion team will run in-depth, continuous Dynamic Application Security Testing (DAST) scans against your web app, API or network with targeted scan profiles.

All the results will be available on the Client Portal.

1 x domain or 1 x IP, e.g.:

  • example.com & 1.1.1.1

Small apps start from:

Sample of checklists:
  • Authentication bypass
  • Password policy
  • Login limitation policy
  • Session management
  • Hijacking
  • Predictable identifiers
  • Replay and expiration attacks
  • Privilege escalation
  • Horizontal access
  • Cryptographic algorithm strength
  • Key management
  • Data-in-transit & data storage protection
  • Key management & algorithm logic
  • Information disclosure
  • Injection vulnerability (XSS, SQL, HTML, XML, JSON, OS command)
  • Path traversal
  • Object identifiers
  • Local and remote file inclusion
  • Stack-based bounds checking

+

  • Custom Checklists against latest Threat and Vulnerabilities

A full Penetration Test suitable for websites/applications with advanced security verifications/checklists – PTF, OSSTMM, PTES, SANS, NIST, CREST frameworks.

  • Addresses – The biggest cost factor for an external penetration test is the number of IP addresses on your Internet perimeter. This will dictate how much time is spent in testing. One way to reduce this cost is to only perform a penetration test on the Internet hosts that have ports open and services listening on the Internet.

Sample of checklists:

  • Port scanning
  • Authentication bypass
  • Password policy
  • Login limitation policy
  • Session management
  • Hijacking
  • Predictable identifiers
  • Replay and expiration attacks
  • Privilege escalation
  • Horizontal access
  • Cryptographic algorithm strength
  • Validate and exploit known vulnerabilities
  • Network segmentation
  • Credential capture
  • Insecure network protocols
  • MITM attacks
  • VLAN/ACL issues
  • Key management
  • Data-in-transit & data storage protection
  • Key management & algorithm logic
  • Information disclosure
  • Injection vulnerability (XSS, SQL, HTML, XML, OS command)
  • Path traversal
  • Object identifiers
  • Local and remote file inclusion
  • Stack-based bounds checking

+

  • Custom Checklists against latest Threat and Vulnerabilities

A full Penetration Test suitable for websites/applications with advanced security verifications/checklists (OWASP, SANS, NIST, CREST frameworks approach)


Sample of checklists:

  • Device Decomposition
  • Dependencies
  • Authentication bypass
  • Default/Weak Passwords
  • Missing Security Updates
  • Insecure Web Administration
  • Use of Insecure protocols
  • Check for known configuration weaknesses
  • Insecure Data Storage
  • Wireless Vulnerabilities
  • Bluetooth Vulnerabilities
  • GSM Network Vulnerabilities
  • Infrared Network Vulnerabilities
  • LPWAN Network Vulnerabilities

A full Penetration Test suitable for mobile applications with advanced security verifications/checklists (OWASP, SANS, NIST, CREST frameworks approach)


Sample of checklists:

  • Authentication bypass
  • Password policy
  • Login limitation policy
  • Session management
  • Hijacking
  • Predictable identifiers
  • Replay and expiration attacks
  • Privilege escalation
  • Horizontal access
  • Cryptographic algorithm strength
  • Key management
  • Data-in-transit & data storage protection
  • Key management & algorithm logic
  • Information disclosure
  • Injection vulnerability (XSS, SQL, HTML, XML, JSON, OS command)
  • Path traversal
  • Object identifiers
  • Local and remote file inclusion
  • Stack-based bounds checking

+

  • Custom Checklists against latest Threat and Vulnerabilities

Managed Product Security by Cyber Legion ensures comprehensive protection of digital products throughout their lifecycle, addressing contemporary digital challenges and enhancing resilience against cyber threats.

Key Services:

  • Vulnerability Assessments and Penetration Testing: Identifying and mitigating vulnerabilities through rigorous testing and real-world cyber-attack simulations.
  • Compliance Evaluations: Ensuring products meet standards set by security frameworks like NIST, HIPAA, GDPR, and ISO.
  • Security Architecture Review: Detailed examination and optimization of security infrastructure.
  • Source Code Analysis: Scrutinizing source code to identify and rectify potential vulnerabilities.
  • Threat Modeling and Attack Surface Analysis: Systematic identification and assessment of potential threats and vulnerabilities.
  • Network Security Solutions: Robust measures to safeguard digital products and customer data.

Benefits:

  • Data Breach Prevention: Fortifying data against unauthorized access.
  • Customer Trust: Enhancing customer confidence through demonstrated commitment to security.
  • Regulatory Compliance: Assistance in adhering to industry-specific security standards.
  • Competitive Advantage: Establishing a robust security posture as a market differentiator.

Additional Features:

  • Resource Optimization: Leveraging expertise and advanced tools while minimizing the need for a large in-house security team.
  • Encryption Services: Ensuring data privacy and security.
  • Custom Security Plans: Tailoring strategies to specific organizational needs.

Product Security Documentation & Additional Services

Core Product Security Documentation:

  • Security Risk Management Plan (SRMP): Strategic plan outlining approaches to managing security risks.
  • Security Risk Management File (SRMF): Documentation supporting ongoing risk management processes.
  • Security Risk Evaluation Sheet (SRES): Includes Threat Model, Gap Analysis, Security Risk Controls, and Risk Management Matrix.
  • Static Code Analysis (SCA): Analysis of static code to identify vulnerabilities.
  • Vulnerability Scan/Binary Scan: Detailed identification of vulnerabilities in software binaries.
  • Dynamic Application Security Testing (DAST): Evaluation of application security in dynamic conditions.
  • Standard Security Testing: Verification and validation of security measures.
  • Malformed Input/Fuzz Testing: Analysis of system responses to malformed or unpredictable inputs.
  • Penetration Testing: Findings from simulated cyber-attacks to identify weaknesses.
  • Security Risk Management Report (SRMR): Comprehensive report detailing security risk management activities.
  • Security Risk-Benefit Analysis: Evaluation of the trade-offs between security risks and benefits.
  • Cybersecurity Bill of Materials (SBOM): List of all components in a software build.
  • Manufacturer Disclosure Statement for Device Security: Security disclosure for medical devices.

Additional Support Services:

  • Incident Response Plan (IRP): Guidelines on responding to cybersecurity incidents.
  • Cybersecurity Policy & Procedure Manuals: Documentation of company-wide cybersecurity policies and procedures.
  • Security Configuration Baselines: Standard secure setups for hardware and software.
  • User Awareness & Training Materials: Educational content for promoting cybersecurity awareness.
  • Data Privacy Impact Assessment (DPIA): Evaluation of data processing’s impact on privacy.
  • Security Auditing & Compliance Reports: Detailed audits for compliance with cybersecurity standards.
  • Business Continuity & Disaster Recovery Plans (BCDR): Strategies for maintaining/resuming business in emergencies.
  • Third-Party Vendor Security Assessments: Evaluations of third-party vendors’ security postures.
  • Cloud Security Strategy Documents: Plans and guidelines for securing cloud-based environments.
  • Cybersecurity Maturity Models: Frameworks for assessing cybersecurity maturity and planning improvements.
  • Legal Compliance Documentation: Assistance with cybersecurity laws and regulations.
  • Security Architecture Blueprints: Detailed diagrams and descriptions of security architecture.
  • End-User Encryption Guides: Instructions on encryption techniques and tools.
  • IoT Security Guidelines: Best practices for securing Internet of Things devices.
  • Forensic Analysis Reports: Documentation of findings from security breach investigations.

Cyber Legion Portal Features:

  • Unrestricted Access: Comprehensive suite of tools and resources for security management.
  • Security Assurance Tools: Utilization of SCA, SBOM, DAST, and OSINT for robust security assurance.
  • Expert Advisory Support: Access to remote security advisers, managers, and analysts.
  • Comprehensive Documentation & Reporting: In-depth records and insights into security posture.

See product security service page

A full SAST scan with advanced security verifications/checklists (OWASP frameworks approach)

The Cyber Legion team will run in-depth, continuous Static Application Security Testing (SAST) scans against your repository with targeted scan profiles.

All the results will be available on our Secure Client Portal.

1 x repo or app, e.g.:

  • example.com

Small apps start from:

Sample of checklists:
  • Programming Language Tools
  • OWASP’s list of criteria strategies
  • OWASP’s Top Ten web application security vulnerabilities
  • Accuracy
  • Compatibility
  • Correct libraries
  • Compilation instructions
  • All required code

+

  • Custom Checklists against latest Threat and Vulnerabilities

A full Penetration Test suitable for websites/applications with advanced security checks.

Use our Vulnerability Scanning Tools to explore our wide range of security testing services. Take advantage of Cyber Legion managed security testing services and integrated testing tools to scan your application and network and find every vulnerability that matters. All findings are delivered in a single dashboard with advanced tracking, collaboration and reporting options.

A full monthly vulnerability scan suitable for networks, websites/applications, IoT devices, etc., with advanced security verifications/checklists – OWASP, SANS, NIST, CREST frameworks

Sample of checklists:

  • Authentication bypass
  • Password policy
  • Login limitation policy
  • Session management
  • Hijacking
  • Predictable identifiers
  • Replay and expiration attacks
  • Privilege escalation
  • Horizontal access
  • Cryptographic algorithm strength
  • Key management
  • Data-in-transit & data storage protection
  • Key management & algorithm logic
  • Information disclosure
  • Injection vulnerability (XSS, SQL, HTML, XML, JSON, OS command)
  • Path traversal
  • Object identifiers
  • Local and remote file inclusion
  • Stack-based bounds checking

+

  • Custom Checklists against latest Threat and Vulnerabilities

A full Penetration Test suitable for websites/applications with advanced security verifications/checklists – OWASP, SANS, CREST frameworks. Black, White and Grey Box testing available.

Sample of checklists:

  • Information Gathering
  • Configuration and Deployment Management Testing
  • Identity Management Testing
  • Authentication Testing
  • Authorization Testing
  • Session Management Testing
  • Input Validation Testing
  • Testing for Error Handling
  • Testing for Weak Cryptography
  • Business Logic Testing
  • Client-side Testing

+

  • Custom Checklists against latest Threat and Vulnerabilities

A full Vulnerability Assessment suitable for web services/APIs with advanced security verifications/checklists – OWASP, CREST frameworks

Sample of checklists:

  • Broken Object Level Authorization
  • Broken User Authentication
  • Excessive data exposure
  • Lack of resources and rate-limiting
  • Broken Function Level Authorization
  • Mass assignment
  • Security misconfiguration
  • Injection
  • Improper assets management
  • Insufficient logging and monitoring

+

  • Custom Checklists against latest Threat and Vulnerabilities

Discover, Analyze, Prioritize, Track, Visualize & Report

CREST Approved Penetration Testing Services

Secure your business with top-tier expert knowledge and advanced Penetration Testing (CREST Approved)

Let's collaborate to build and maintain secure businesses

Cyber Legion converts threats into trust by leveraging advanced technology and expertise in Product Security and Business Continuity. Our approach integrates Secure by Design, comprehensive Security Assurance, Red Teaming, Adversary Emulation and Threat Intelligence, Penetration Testing, and Expert Security Advisory and Consultancy. We ensure compliance with meticulous security assurance and detailed documentation, from design to post-market.

As a CREST-certified Penetration Testing provider in the EMEA region, we are committed to the highest security standards.

Cyber Legion - CREST Approved