RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Diasoft: Pentest PDn

Product
Developers: Diasoft
Date of the premiere of the system: 2024/04/09
Branches: Information security
Technology: IT outsourcing

Main article: Pentesting (pentesting)

2024: Presentation of the Pentest PDn service

On April 9, 2024, Diasoft introduced the Pentest PDn service, which will help organize the processes of processing personal data in accordance with the requirements of the law. Penetration testing (penetration test) allows you to quickly obtain reliable information about non-conformities with 152-FZ requirements .

The work of Diasoft experts is built on three options adopted for pentests: black box, gray box and white box. The ability to select a test option gives full transparency about the result, because the customer chooses the scope of the checks.

In the course of work, the black box option checks all external information resources of the organization available to customers, inspectors and competitors: pages on sites, feedback forms, documentation, policies, contract templates, offer contracts. Verification is carried out without the involvement of specialists of the audited organization and does not affect its internal processes in any way. After 2 weeks, the company receives an informative assessment for making management decisions.

The gray box option includes work using the black box method, but at the same time the internal regulatory documents of the organization provided by the client are additionally checked. This type of verification has more depth and more valuable information to form a strategy. This allows you to provide a more informative report on the correctness of the 152-FZ requirements.

The check within the white box option is the most complete, it is a full-fledged testing that simulates the check of Roskomnadzor, which will help bring the processes to compliance and give confidence that the requirements of the legislation have been met. A report with the results of the audit and recommendations for eliminating violations will identify "gray areas" and high-risk areas, which will allow you to correctly form a plan of work to eliminate them. The white box check can be strengthened with additional options. More details can be found at the link.

File:Aquote1.png
Regardless of the option selected, our customers receive a qualitative inspection result, a report with identified violations and recommendations for their elimination. This will allow you to comply with the requirements of the law, ensure the legality of PD processing, raise the basic level of information security hygiene and customer loyalty. We see that all companies have typical errors in the organization of PD processing processes. In order to test yourself, you can already order a demo pentest - it will be free for your organization, - said Maria Kurnosova, head of information security consulting at Diasoft.
File:Aquote2.png