Penetration tests are performed to determine potential vulnerabilities in computer applications, web pages, online stores. Our approach is holistic and includes Discovery, Evaluation of Vulnerabilities, Exploitation of Vulnerabilities, Testing of Applications in unauthenticated and authenticated mode, Evaluation of Mobile Applications, Test Report, Confirmation of solving identified problems. The need to perform penetration tests is highlighted by specific requirements in the current legislation:

• General Data Protection Regulation;
• Rule 4/2018 of the Financial Supervision Authority;
• BNR Regulation number 3 implemented by Order 553/2019 of the ADR;
• The NIS directive implemented by law 362/2018 and related DNSC norms.

Dataeye has received ADR authorization and you can find it on the list of IT Auditors here.

Dataeye received ASF certification number 22/24.03.2020 and you can find it on the list of IT Auditors here.

We will carry out actions to evaluate the technical and organizational controls implemented to comply with the standards and legislation in force. We will evaluate the IT system starting from the architecture, network, servers, virtual machines, applications and databases, policies, procedures and documents from the point of view of confidentiality, integrity, availability, resilience and business continuity. The need to carry out such Audit operations is highlighted by specific requirements in the current legislation:

• General Data Protection Regulation;
• Rule 4/2018 of the Financial Supervision Authority;
• BNR Regulation number 3 implemented by Order 553/2019 of the ADR;
• The NIS directive implemented by law 362/2018 and related DNSC regulations.