FAQs

What is the turnaround on support?

What do you consider an IP?

How long do you keep the data?

How secure is the vPenTest platform?

Can vPenTest detect system configuration changes?

Does vPenTest leverage the MITRE ATT&CK framework?

How does vPenTest stay updated on attacks?

Does vPenTest perform any exploits?

How does the vPenTest VM stay updated?

What operating systems are supported for the Agent?

What are the resource requirements for the vPenTest Agent?

Can I swap Agents between clients?

Do you support Microsoft Windows as a vPenTest Agent?

What if I can't deploy a virtual machine?

How can I access my device over SSH?

Can I deploy the Agent in the cloud?

Can I use my own image for the Agent?

Can I turn off the Agent while it's not being used?

How does the Agent clean up behind itself?

How much memory does the Agent take up?

Can I perform a penetration test over a wireless network?

What are the public IPs used by vPenTest?

What is vPenTest's methodology for automated penetration testing?

Can an internal assessment be performed over a VPN?

How are the severity ratings determined?

Do you recommend us allowlisting your source IP addresses?

What's the difference between the external and internal assessments?

Can I exclude certain ports from an assessment?

Do you recommend excluding anything from a scan?

Can I exclude IP addresses from my assessment?

How soon can I start an assessment?

What is the difference between a penetration test and a vulnerability assessment?

Can I turn off exploits for certain systems?

How long does a vulnerability assessment take?

How long does a penetration test take?

Will I experience any interruptions during testing?

Does someone look at our reports for quality checks?

How long will it take to get my report?

What are the different types of reports available?

What formats are the deliverables in?

What happens during report QA?