WE DO ONE THING
Companies that specialize in offensive security provide better penetration tests than companies that propose entirely unrelated services.
Google mentions Bishop Fox as an assessor that provides "in-depth, manual security assessment of a defined scope" with the goal of testing the security of applications integrating with Google and Alphabet ecosystems.
While the exact coverage of these tests depends on the project, product, or service you are delivering, our team can help define and recommend a customized assessment appropriate to your project.
Testing usually falls into the following areas:
|Infrastructure penetration testing
||Application penetration testing
For more detailed guidance on Google's penetration test requirements, including information about scoping and testing methodology, please see Google's Testing Guidelines.
Please note that automated vulnerability scanning/testing, and Bug Bounty and Vulnerability Rewards Programs are not replacements for penetration tests.
"We are a cloud-only company. Nearly everything is in the cloud. That positions us in a unique situation – there are some Google requirements that are difficult or almost impossible to comply with in this particular environment. Bishop Fox was flexible and understanding about this situation and helped us find a way to ensure the security of our users and environment without burdening our employees."
"The constant communication allowed us to remediate any security issues during the process. At the end of the process when we received our report, nothing was a surprise and we’d already been able to fix most of the few issues found. That was huge for us."
“We chose Bishop Fox as they come with an impressive pedigree. Bishop Fox specializes in security consulting services for various Fortune 100 companies and eight of the top 10 global technology companies around the world. They also work with major studios, so we knew they were the right people for the job.”