STMBUGSHIELD
Continuous Cyber Security
STM Bugshield is the Continuous Penetration Testing and Bug Bounty platform, which investigates the vulnerabilities in the customer digital inventories with a “hackers” perspective and reports the defects found.
It is a central platform where the vulnerabilities that can be detected in the web applications, mobile applications, operating systems and network infrastructures of public institutions and private companies are reported to the relevant institutions.
STM Bugshield has role-based management capabilities with customer, analyst and researcher profiles. In the role of the researcher, competent cyber security experts in different fields conduct vulnerability research. Our analysts verify the identified vulnerabilities, after the approval process, our customers are informed through the platform and thus, they can respond quickly to detected vulnerabilities. With the ticketing mechanism we have developed integrated into the platform, findings and status changes can be monitored instantly. In addition to the notifications sent via STM Bugshield, notifications can also be sent via e-mail and SMS.
Download Brochure
With the “Continuous Penetration Test Methodology” of the systems, it is aimed to detect emerging vulnerabilities quickly by testing them by different security researchers at the time intervals determined by our clients. The detected vulnerabilities are subjected to a two-stage approval process, and the verified findings are sent to the client with instant notifications. In this way, the time between finding and removing the vulnerability can be shortened.
The test status, detected vulnerabilities, severity of vulnerabilities, mitigations against vulnerabilities and the vulnerability inventory can be monitored through the portal. Institutions can request vulnerability research by determining inventory lists and test policies.
Test Status:
Screen displaying the inventory being tested or scheduled for future testing.
Vulnerabilities:
Screen displaying the vulnerabilities detected at the following levels: critical, high, medium, low, information.
Severity Level:
Screen displaying the vulnerabilities detected at the following levels: critical, high, medium, information.
Inventory Status:
Screen displaying the number of domains, IP adresse sor mobile applications where vulnerabilities were detected.
Outstanding Features
- Trustworthiness: Identification of vulnerabilities by a reliable group of researchers who have signed a confidentiality agreement
- Quality: Multiple researchers looking at inventory and checking and verification of detected vulnerabilities by STM analysts
- Agility: Sending instant notifications and taking action for all identified vulnerabilities
- 7/24/365: Conducting tests at more frequent intervals, as opposed to periodic penetration tests
