Prepare the Pentest Environment
Ensure the pentest environment contains the latest code and configurations. Testing should ideally be conducted in an acceptance/test environment. If this environment is not an exact replica of the production environment, it is essential that the pentest environment at least contains (test) data. This enables testers to assess all functionalities of the application, ensuring no parts are overlooked.
Ensure the Test Environment Functions Properly
Verify that all functionalities and components within the application operate as intended, mirroring the production environment. Conduct a thorough check and inform the pentesters beforehand if certain features are not functional in the test environment.
Create Backups
As data may be altered or deleted during testing, it is crucial to create backups before initiating a pentest.
Inform the Hosting Provider
Notify the hosting provider to whitelist DongIT's IP addresses for IDS, IPS, and rate-limiting systems during the test period. See also FAQ.
Provide Necessary Information
Depending on the type of pentest, specific information must be provided in advance. See also FAQ.
Adjust SMTP Settings of the Test Environment
Configure the provided SMTP settings to allow our researchers to view all email messages sent through your application. See also FAQ.