Sign up

Penetration Testing

Nested Knowledge will undergo penetration testing of its web application on an annual basis, unless this schedule is required to be revised by Nested Knowledge. An external security firm will test the web application to identify vulnerabilities. During the testing period, no software releases will be pushed, except releases with important bug fixes. Any vulnerabilities detected will be remediated promptly by the Nested Knowledge development team.

Each penetration test will follow the steps:

  1. Reconnaissance: gathering information before an attack
  2. Enumeration: finding attack vectors
  3. Exploitation: verifying security weakness
  4. Documentation: Recording results

Testing History #

The last penetration test was completed by a third-party vendor on May 28th, 2024.

Revision History #

AuthorDate of Revision/ReviewComments/Description
K. Cowie10/25/2024Reviewed
K. Cowie05/04/2023Updated
K. Kallmes04/10/2023Approved
K. Holub06/24/2024Updated for annual pen test

Return to Policies

Updated on October 25, 2024
Did this article help?

Have a question?

Send us an email and we’ll get back to you as quickly as we can!