Skip to content

Frequently Asked Questions

Have questions about True Positives AppSec services? Check out our FAQ below or contact us to learn more!

What is Managed or Outsourced Application Security Testing?

Outsourced or Managed Application Security Testing is a service where you outsource some or all of your software security testing to a third party company specializing in cybersecurity (typically a Managed Security Services Provider or MSSP).

This approach is gaining traction due to its cost advantages, greater efficiency, as well as ease of management and scalability.

What is a managed security service provider (MSSP)?

A Managed Security Services Provider (MSSP) is an outsourced company that handles cybersecurity for other organizations. They specialize in protecting networks, systems, and data from various cyber threats.

Why I should trust True Positive's managed vulnerability scanning?

The True Positives team has over 100 years of combined experience in the AppSec space. In other words, we understand the industry and the different challenges that practitioners face on a daily basis.

Additionally, we have exclusive access to proprietary in-house tools and systems (True Inspect) as well as industry leading DAST technology from Invicti.

All of this provides our clients with managed vulnerability scanning services of unmatched quality and affordability.

How are True Positives Managed AST services priced so far below competitors?

Our proprietary internal systems and tools allow us to operate more efficiently which in turn allows us to offer better pricing and cost savings for our clients.

Does True Positives provide other AppSec services?

True Positives offers a comprehensive range of budget-friendly AppSec solutions.

From expert vulnerability scanning as a service to support for strategic application security planning, advanced testing, and resource optimization - our priority is strong security and cost-effective solutions for our clients.

What makes True Positives an ideal partner for startups and SMB's looking to build their AppSec?

Simply put - we offer affordable and comprehensive security solutions that otherwise would not be available to your organization.

From an initial free consultation with our experts we help you avoid costly blunders while giving you expert tips, advice, and access to enterprise level tools to help secure your applications.

What makes True Positives an ideal partner for AppSec savvy teams and programs?

Beyond providing starting point solutions for SMBs and startups, True Positives offers a range of services that allow your team the flexibility to make their AppSec stronger, more efficient, and cost-effective.

In addition, our security experts are fluent in the intricate dialect of application security with over 100 years of combined AppSec experience, having pioneered enterprise application security long before Microsoft's Trustworthy Computing initiative took flight around 2002.

What else does True Inspect do to ensure the quality of its vulnerability analysis?

We go above and beyond! Alongside our strategic partnership with Acunetix by Invicti, our dedicated technical team, composed entirely of application security automation experts, meticulously oversee every step of the scanning process all the way through processing to final reporting.

This commitment to excellence ensures not only completeness but also top-notch quality in the results we deliver.

How is a 'Target' defined for the purposes of your service, and why does it matter?

A 'Target' is typically defined as a single fully qualified domain name (FQDN), representing a distinct application or service to be tested.

Identifying targets is crucial as it helps tailor our security efforts to specific components of your digital infrastructure, ensuring thorough coverage and protection.

How does True Positives help my organization save money?

Build In-House Expertise: True Positives offers services to help you avoid costly blunders when building out your in-house expertise.

Resource Constraints: Our team helps you become more efficient instead of hiring on additional, expensive full time employees.

Scalability: Our on-demand model offers you security expertise and service that can scale up or down based on your organizational needs.

Access to Advanced Tools: We offer access to proprietary and advanced enterprise level tools that would either be unavailable to you or require expensive and lengthy contracts.

Can I see an example of what the True Positives Vulnerability Scan Report looks like?

Here is an example of our True Positives vulnerability scan report that provides a comprehensive view and actionable recommendations to improve your security:

In what format will I recieve my Vulnerability Scan Reports each month?

True Inspect Vulnerability Scan Reports are provided via email in HTML format in a manner which is highly secure.  The reports can easily be printed to PDF via the browser.