Bluedog Security offers manual penetration testing services tailored to financial institutions, focusing on compliance alignment and audit readiness. The service is conducted by human testers holding certifications including CISSP, GIAC, OSCE, OSCP, OSWE, and CREST. Testing scope covers: - Web applications - Mobile applications - REST/API endpoints - Office networks and endpoints - Active Directory The methodology emphasizes manual, human-driven testing over automated tooling, targeting business logic bypasses, authorization flaws, and authentication weaknesses that automated scanners typically miss. Findings are assessed both individually and as chained attack scenarios to reflect real-world business risk and impact. Deliverables include: - A password-protected PDF report with vulnerability details, risk ratings, remediation steps, and management summaries mapped to control frameworks - A post-test debrief with the client's technical team - A post-remediation retest of identified vulnerabilities - A certificate of completion for items within scope The service is designed to support financial sector compliance requirements, providing evidence-rich findings suitable for auditor presentation. Bluedog Security is ISO 27001:2022 certified and is an authorized vendor of Globe Telecom.