Bulletproof Enterprise Penetration Testing is a CREST-certified penetration testing service designed for enterprise-scale organisations. It covers a broad attack surface including infrastructure, web applications, mobile applications, cloud environments, IoT/OT, social engineering, and red team exercises. The service is delivered alongside a SaaS threat management platform (portal/dashboard) that aggregates findings across multiple test engagements, automatically prioritises threats, and provides remediation advice for each identified vulnerability. The platform also consolidates data from other security services such as managed SIEM, phishing campaigns, and vulnerability scanning into a single view. Key test types offered: - Web application penetration testing (OWASP Top 10, authenticated/unauthenticated, API, DAST, SDLC integration) - Network & infrastructure pen testing (external and internal, PTES methodology) - Cloud penetration testing (AWS, Azure, GCP, IaaS, PaaS, Microsoft 365) - Mobile application pen testing (iOS, Android, SAST, source code review) - Social engineering pen tests (phishing campaigns, employee training) - Red team security testing (multi-site, black team, purple team, OSINT) The service supports enterprises managing multiple concurrent testing programmes across different business units and infrastructure components. It is designed to complement existing internal pen test teams and help meet compliance requirements including PCI DSS, ISO 27001, SOC 2, HIPAA, FTC Safeguards, and GDPR.