Policies

Building trust through our comprehensive policies and methodologies

Introduction

At Intense Security, we know that cybersecurity is a crucial aspect of any modern business. With cyberattacks becoming increasingly common and sophisticated, it's essential to take proactive measures to protect your company's valuable assets. That's why we follow a strict methodology that includes both Non-Disclosure Agreements (NDAs) and Rule of Engagement (RoE) when conducting penetration testing and other services for our clients.

What is our methodology?

Our methodology is a comprehensive approach that we follow when conducting penetration testing for our clients. It includes both NDAs and RoE as critical components to ensure the safety and confidentiality of our clients' sensitive information. At early stages of each project, we enter into an NDA with the client to ensure that any information shared with us during the testing process is kept confidential. We then establish the RoE that outlines the rules and procedures for testing their systems and networks. Typically, these rules are incorporated into the contract once the proposal has been accepted. Our RoE contains some of the following elements:

- Definition of scope: specifies the systems and networks that will be tested and the objectives of the testing.
- Limitations on testing: outlines any restrictions on the testing, such as avoiding certain systems or testing during certain hours.
- Planification: ensures that the testing is conducted in an organized and systematic manner.
- Communication protocols: establishes the channels and frequency of communication between us and the client during the testing process.
- Actions: specifies the actions that can be taken during the testing, such as exploiting vulnerabilities or accessing sensitive data.

Why is important?

Firstly, it ensures that the testing is conducted in a safe, ethical, and confidential manner, with minimal disruption to the client's operations. This helps to minimize the risk of damage to critical systems and reduces the likelihood of legal or reputational consequences.

Secondly, our methodology helps to establish clear expectations and guidelines for the testing process, which can help to reduce misunderstandings and miscommunications between us and the client.

Finally, our methodology helps to enhance the legal protection of both parties by establishing a clear agreement on the scope and objectives of the testing, as well as the confidentiality of any information shared during the process.

At Intense Security, we work closely with a team of legal experts to ensure that our NDAs and RoE are legally sound and compliant with all relevant regulations and standards.