FAQs

The Frequently Asked Questions guide you through our cybersecurity testing processes. They help us to understand your requirements. 

  • If you are in Singapore, give us a call or email us.
  • If you are not in Singapore, leave us an email. We will schedule a virtual meeting with you.

1. Timeline and Quality Commitment

Q1: What are the general steps for a security assessment project? And how long would it take?
MK Cybersecurity: For a medium project, it would take around 1 month.

  • Requirement brief: To confirm the target website URLs and servers – 1-2 days
  • Round 1: Initial security assessment and brief report – 1 week
  • Fixing period: Your development team to fix the security findings – 1-2 weeks.
  • Round 2: Verification of security fixes – 3 days
  • Closing period: Your development team to refix the security findings and final report: 3 days.

Q2: Which services we should choose for our security assessment project? Vulnerability Assessment or Penetration Testing or Security Code Review?
MK Cybersecurity: It depends on your need of security assessment.

  •  If you need a quick security check for common and simple security vulnerabilities, please choose Vulnerability Assessment. Moreover, Vulnerability Assessment also has lower pricing.
  • if you need comprehensive security check for all application functionalities, please choose Penetration Testing. Our security researchers will use hacking techniques to assess all application functionalities for complex and application-context vulnerabilities.
  • If you completed the Penetration Testing and want to assess the security by scanning the source code, please choose Security Code Review.

Q3: How we know the quality of security assessment performed by MK Cybersecurity?
MK Cybersecurity: We could provide you our security certifications and best-practice methodology. Moreover, we are more result-oriented to give you the reports with critical and high risk findings.

2. Requirement Brief

Q1. We would like to do a security assessment for our websites, mobile applications and servers. What information do we need to provide you?
MK Cybersecurity: Please simply contact us and we will guide you through the below questions.

1.  What are the target systems and applications?
Sample answer: We want to do penetration testing / vulnerability assessment / source code review for two public websites, one database server, one iOS application and one Android application.

2. What is the high level system architecture?
Sample answer 1: Our system uses ASP.NET,  Windows servers and Microsoft SQL Server.
Sample answer 2: Our system uses PHP,  Ubuntu OS on AWS EC2 and AWS RDS.
Sample answer 3: Our system uses customized WordPress,  Ubuntu OS on AWS EC2 and AWS RDS.

3. For target websites, please give us the website URLs and after-login screenshots.
Sample answer:
Public website: https://example.com. We attach the after-login screenshots in this email.
Admin website: https://admin.example.com
We attach the after-login screenshots in this email.

4. For target mobile applications, please give us the URLs of your application in Google Play and Apple App Store.
Sample answer:
Android App: 
https://play.google.com/store/apps/details?id=com.uptimerobot
IOS App: https://apps.apple.com/us/app/uptime-robot-app/id1104878581

5. For target servers, please give us your server IPs.
Sample answer: We have one server at ip1.example.com and 123.45.56.78.

6. (Only for source code review) For target source code, what is your technical stack of target source code?
Sample answer: We use PHP for our custom WordPress.

3. Value-Added Services

Q1: Do you provide Performance Testing service?
MK Cybersecurity: Currently, we do not provide Performance Testing service.

Q2: If cybersecurity testing services reveal security holes, do you provide security fixes?
MK Cybersecurity: We are also providing web development and server administration service to fix security holes. Please contact us for a quick quotation. The pricing is much reasonable than you expect.

4. Quotation

Q1. How can we get the quotation?
MK Cybersecurity: Please contact us for quotation. The pricing is much reasonable than you expect.