Level 1: Exposure Assessment as a Service (EAS)

By collecting and analyzing the external exposure information of clients, Cymetrics helps them start with understanding the risks within the organization and from the supply chain. We further conduct cybersecurity exposure management efficiently from the outside to the inside.

Level 2: Vulnerability Assessment as a Service (VAS) 

Cymetrics conducts detailed assessments based on various exposures. Our assessment items are performed by cybersecurity experts from the financial industry and cybersecurity engineers, based on the latest attack intelligence test scripts. Through proceeding the automatic and continuous vulnerability assessment by including the compliance from OWASP TOP 10, CWE and CVE, we also help clients to manage their own cybersecurity exposures before hackers do.

Level 3: Penetration Test as a Service (PTS) 

Cymetrics’ qualified CEH cybersecurity experts follow the OSSTMM methodology to detect ""known and unknown vulnerabilities"" for the testing scope and provide consulting services to assist clients in managing vulnerabilities based on risks. In addition to vulnerability scanning, the detection items also include system logic and zero-day vulnerabilities, helping clients to detect the effectiveness of in-depth defenses with more complete and in-depth detection.

Based on its notable experiences in Web2 penetration testing and Web3 cybersecurity auding experiences and know-how, Cymetrics provides professional Red Team services to cater to the cybersecurity needs of digital asset exchanges. The attack vectors include the front-end and back-end security of exchange platforms, API, cold/hot wallet, operation authority management, and more related to core structures. Through Cymetrics MetaRed services, the clients could have a comprehensive understanding of their platforms’ security vulnerabilities to reduce the chance of being attacked by hackers.