Penetration Testing Service of Managed Security Service (MSSP) has experienced security experts to help you identify potential security vulnerabilities, raise information security awareness, and verify the effectiveness of existing security measures. MSSP aims to help you enhance network security and ensure that your information assets are well-protected. This topic describes the Penetration Testing Service content, service-level agreement (SLA), and workflow.
Service content and objectives
The following table describes the Penetration Testing Service content and SLA.
Service content | Service classification | Service description | Service scope | Service deliverable |
Application system tests | Basic business logic test | Penetration Testing Service performs comprehensive security testing on business systems by simulating attacker methodologies. This approach helps identify potential security vulnerabilities within standard workflows. In addition, the service provides fix suggestions to help you detect and mitigate risks in advance. | Internal and public network assets |
|
OWASP TOP 10 vulnerability test | ||||
Third-party component test | ||||
Permission authentication test | ||||
Security configuration test | ||||
Workflow test | ||||
Mobile application tests | Client tests:
| In mobile application scenarios, you need to pay attention to the security of clients and servers. Penetration Testing Service covers the entire security lifecycle of your applications and conducts in-depth testing on security hardening and data compliance. | ||
Server tests:
|
Service workflow
Purchase the service
You can call the Alibaba Cloud pre-sales hotline or contact your Alibaba Cloud account manager for consultation. For more information, see Pre-sales support.