Services

Courses

Cases

Company

About Us

Penetration Tests
We do what attackers do, before they do it.

Ready to find out if your systems are as secure as you think?

ABOUT PENETRATION TESTS

Experts in pentesting

A penetration test is a targeted attack against your application, system, or network, carried out by our specialists with the agenda to push your environment hard enough to uncover vulnerabilities, before a real attacker does.

Every penetration test is handled by at least two offensive specialists who know exactly how real-world attackers think and act. We use a combination of tools and manual expertise to find the weaknesses automated scans miss.

Our methods are tailored to each mission, but always with the goal of exposing your vulnerabilities and helping you close them before anyone else exploits them.

Once we’re done, you’ll have a clear picture of where your defenses are weak and what needs to be strengthened to withstand a real attack.

A man in a suit looking at multiple monitors displaying financial or security data.

Did you know...

The average cost of a data breach is about 4 million USD.

– Cybersecurity Ventures

Två personer med ryggarna mot kameran arbetar vid mörkbelysta datorer i ett rum med rödbelysning – symboliserar ett red teaming-test i kontrollerad miljö.

About pentests

How it works

We kick off every test with a scoping meeting where we align on goals, environment, and attack strategy. Based on that, we build a plan rooted in proven standards like OSSTMM, OWASP, NIST, PTES, and ISSAF, combined with our own offensive methodology and real-world experience.

Once the plan is set, we go on the offensive. We identify, probe, and exploit vulnerabilities throughout the assignment, focused on finding real security gaps. You receive regular status updates during the test, and if we find anything critical, you’ll hear from us immediately.

When the job’s done, you get a clear, prioritized, and actionable report that shows exactly where your weaknesses are and how to mitigate them.

Scoping meeting: We set the scope and goals together.
Attack phase: We attack your environment, probe every surface, every link, and every way in.
Ongoing reporting: Critical issues are reported immediately.
Final delivery: You receive a clear report with prioritized recommendations.

Cyloqs Pentests

Why choose Cyloq for your penetration test?

It doesn't matter how skilled your internal team is, or how strong your current security provider may be. When you live inside your own systems every day, you get blind spots. Minor misconfigurations, legacy vulnerabilities and small cracks can hide right under your nose.

Bringing in an outside team to rip through your defenses is one of the smartest moves you can make to uncover vulnerabilities that others miss. That’s what you get with Cyloq. We don't skim the surface. We are relentless, thorough and nitpicky, and we analyze your systems on a level only a few can manage.

Our job is not to pat you on the back for what works. Our job is to find what can take you down, show you how to fix it, and do it before someone else gets the chance. If we cannot find any weaknesses, you can be sure no one else will either.

Offer

Cyloq offers penetration testing in the following areas

Web applications

Mobile applications

Infrastructure / Active Directory

Hardware/IoT

blog

Customer cases

Text Link

Featured

#All

VX Fiber: “Now we have a 'stamp of approval' on our security work”

2025-03-11

min read

VX Fiber is an international company that delivers broadband services to companies and municipalities that own fiber networks. With 80 employees and a growing network, IT security has become a central concern for the business. “Security work has become so important that we report it to the board on an ongoing basis,” said Tim Cambrant, Chief Security Officer at VX Fiber.

An external partner became a necessity

Before working with Cyloq, security work was handled by an internal team with the ambition to do the right thing, but they lacked external verification. “We realized that investors and customers expected an independent review of our security,” Tim tells us.

Responsibility grew as VX Fiber expanded. “The more customers we deliver to, the more socially critical our business becomes. The security issues come up in sales calls, and we need to be able to prove that we have a robust security structure,” said Tim. Despite internal competence, the company faced a crucial realisation; however carefully they audited themselves, an external party was required to ensure nothing was missed.

“We really wanted to know where we stood and get an external validation of our work.”

When they started looking for a partner, they wanted someone who was flexible, quick-footed and responsive. There Cyloq stood out among the crowd.

“They stood out among the great giants. They were easy to get in touch with, small but adaptable. They showed they were ready to do the job instead of just trying to sell in a big package.” After an initial meeting, the choice fell on hiring Cyloq to conduct a penetration test.

Penetration tests have become policy

Tim tells them that they were unsure if Cyloq would even be able to find anything in the two weeks that they have to do a penetration test.

“We had people on site who were ready to answer questions or assist Cyloq in its work. We thought they would need help and guidance, but they were working independently. And after 2 weeks they delivered a clear report.”

Tim describes the process as smooth and efficient. “We describe what we want them to focus on and give them access to relevant systems. Then they start — fully autonomous. They'll get in touch if it's something critical. They offer to be available for explanation or help fix things.”

When they got the report into their hands, Tim tells us they were surprised at how much they found.

“We want them to find things, but they also have a lot of confidence. We thought that they would not succeed in this in such a short period of time. They do a solid job and the feeling is that they put in more hours than they bill.”

VX Fiber now done three penetration tests and has as policy to do so at least 1 time per year. They test different parts of the business, and when everything is tested, they do it again. “It is a continuous work. Once one area has been tested, we start over on another.”

Clear results and strengthened safety culture

The cooperation has produced clear results. “The biggest improvement is that we now have a clear picture of our vulnerability profile. Cyloq has given us a 'stamp of approval' on our security work, which has strengthened our legitimacy with both customers and investors,” says Tim.

Another important effect is the changing safety culture within the company. “We have a young team of developers, and working with Cyloq has created humility and increased respect for information security. They've really seen the value of having an external reviewer,” explains Tim.

“It is not enough that we have a team of experts in-house, we become homeschooled. The collaboration has proven that however fussy we think we have been, we will always have missed things. It's raised awareness that no one is perfect, even the most experienced can miss critical details and that we always need to have someone else looking at this stuff and reviewing what we're doing. “

Advice for companies looking to strengthen their security

For companies looking to strengthen their security, VX Fiber recommends starting with a thorough inventory. “What do we want to protect? Customer details are often the most important. Then one should quickly move on to reviewing user permissions and storage routines. Many small businesses make it too easy for themselves, and what gets leaked is often a document that someone saved in the wrong place,” explains Tim.

Tim's second piece of advice is to seek outside help if you don't have the resources to devote time to it. “Not every company can invest in a large security team, but even if you manage your own IT, you should have an external auditor who can identify and close security gaps.”

Recommendation? Eh, yes!

When asked if VX Fiber would recommend Cyloq to others, the answer was a clear yes. “Above all, because they are easy to deal with, efficient, flexible and knowledgeable. They deliver value and make security work easier for us,” says Tim.

“We see no reason to switch from Cyloq, or even supplement with another player. So far we haven't given them anything that they haven't succeeded in. '

You want us to find the security flaws you didn't know you had?