All Netragard customers are eligible to participate in the Netragard Security Certification Program (“NSCP”). To be awarded a Certificate of Security a customer must undergo a Silver, Gold or Platinum level Penetration Test and then successfully resolve all identified issues regardless of severity within a 60 day window. Netragard performs secondary testing to validate resolution and to ensure that the methods of remediation did not introduce new vulnerabilities. Because the NSCP has no acceptable risk threshold it is more challenging to receive a Certificate of Security under NSCP than it is to satisfy most other regulatory requirements (like PCI-DSS, HIPAA, FDIC Penetration Testing, etc). Customers who are awarded a Netragard Certificate of Security have the option of advertising their certificate on their website through a crest that is provided by Netragard and that links back to an official certificate hosted by Netragard.
The Silver certificate is Netragard’s entry level product. Customers who receive this certificate have received an industry standard penetration test utilizing a combination of automated vulnerability scanning, manual vulnerability vetting and manual exploitation. The silver service level does not incorporate Real Time Dynamic Testing™, Social Engineering, Spear Phishing or other Threat Augmentation Modules. This service level is ideal for customers looking to satisfy third party penetration testing requirements.
The Gold certificate is Netragard’s technically advanced product. Customers who receive this certificate have received a penetration test that exceeds industry standard penetration testing levels. The Gold service level is driven by Real Time Dynamic Testing™ and provides unparalleled research based technical depth and coverage. At this level tests may use but are not dependent on automated vulnerability scanning. The Gold service level can optionally be configured with various Threat Augmentation Modules that include but are not limited to entry level Social Engineering and basic Spear Phishing. This service level is ideal for customers looking to protect Web Applications, API’s, Mobile Applications and other specific technical targets.
The Platinum certificate is Netragard’s most advanced product. Customers who receive this certificate have undergone a realistic threat penetration test that far exceeds industry standard testing levels. The Platinum service level can be configured to deliver complete coverage for all vectors including Social, Technical and Physical. This level incorporates Netragard’s Threat Augmentation Modules which include but are not limited to Social Engineering, 0-day home-grown malware, Spear Phishing, Stealth Testing, Distributed Metastasis, Covert Exfiltration, Weaponized Hardware, and much more. Our Platinum level maintains a 98.6% success rate at domain compromise from the vantage point of an unauthenticated Internet based threat without detection. This service level is ideal for customers who are serious about security across their entire organization and cannot afford a single damaging breach.
Philippe has over 10 years of experience in the banking and financial sector that includes security assessment of large and complex infrastructures and penetration testing of data & voice networks, operating systems, middleware and web applications in Europe, US and Middle East.
Previously, Philippe held roles within the information system security department of a global pharmaceutical company in London. While working with a heterogeneous network of over 100,000 users across the world and strict regulatory requirements, Philippe gained hands-on experience with various security technologies (VPN, Network and Application Firewalls, IDS, IPS, Host Intrusion Prevention, etc.)
Philippe actively participates in the Information Security community. He has discovered and published several security vulnerabilities in leading products such as Cisco, Symantec and Hewlett-Packard.
He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), PCI Qualified Security Assessors (PCI-QSA), OSSTMM Professional Security Analyst (OPSA), OSSTMM Professional Security Tester (OPST), Certified in Risk and Information Systems Control (CRISC)and Associate Member of the Business Continuity Institute (AMBCI).