# Penetration Testing

ilert engages independent external security firms to conduct penetration tests of its platform, infrastructure, and applications.

## Testing Cadence

* **Annual external penetration tests** performed by independent third-party security firms
* **Quarterly vulnerability scans** on production systems using automated tools
* Continuous hybrid automated scanning alongside periodic manual assessments

## Scope

Penetration tests cover:

* Web applications (ilert platform)
* Mobile applications (iOS and Android)
* APIs and integration endpoints
* Infrastructure and network components

## Methodology

External testers follow industry-standard methodologies (e.g., OWASP Testing Guide, PTES). Tests include both automated scanning and manual exploitation attempts. Findings are classified by severity and remediated according to defined timelines.

## Requesting the Penetration Test Report

The latest penetration test executive summary is available to customers and prospects under NDA. To request a copy:

**Email:** [sales@ilert.com](mailto:sales@ilert.com?subject=ilert%20pentest%20report)

Please include your company name and the context of your request (e.g., vendor security review, procurement process).

## Customer-Initiated Testing

ilert cooperates with customer-initiated security assessments, including threat-led penetration tests (TLPT) and cyber table-top exercises, at no additional cost. This is documented in ilert's [DORA Addendum](https://docs.ilert.com/trust-center/legal/dora-addendum) (Clause 6.4) for financial-sector customers.