Alchemise | New Customer

Step 1
Contact Information
Step 2
Project Requirements
Step 3
Technical Requirements
Step 4
Statement of Works

Step 1 - Contact Information

Company Name

Company Address

Contact Name

Contact Email

Contact Phone

The information provided will be used solely for communication purposes related to this project. It will not be shared, stored, or used for any other reason beyond ensuring smooth collaboration and updates throughout the project's duration.

Once the project is completed, all communication-related data will no longer be needed and can be destroyed if requested. This guarantees that your information remains private and is only utilised as necessary to support the progress of this specific project.

Any questions or concerns then please email us at sales@alchemise.tech

Alternatively, you can call us on +44 7718 921004 if you'd prefer to discuss this information in person. We're happy to chat and answer any questions you might have!

Select all requirements that you want to scope as part of this project.

Penetration Testing

Internal Penetration Test

Simulates an attacker inside a company’s network to find security weaknesses before real threats exploit them.

External Penetration Test

Assesses an organisation’s internet-facing systems to identify vulnerabilities that external attackers could exploit.

Web App Penetration Test

Evaluates web applications for security flaws like SQL injection, XSS, and authentication bypasses.

API Penetration Test

Tests APIs for vulnerabilities that could allow unauthorised access, data leaks, or service disruptions.

Mobile App Penetration Test

Analyses mobile applications for security issues such as insecure data storage and weak authentication.

Wireless Penetration Test

Examines wireless networks for weaknesses like rogue access points, weak encryption, and unauthorised access.

Thick Client (Desktop) Application

Evaluates applications on the lcoal computer for known configuration and security weaknesses.

Adversary Simulation / Red Teaming

Adversary / Threat Simulation

Mimics real-world cyber threats using tactics, techniques, and procedures (TTPs) to test an organization’s detection and response capabilities.

Build & Configuration Reviews

Build / Configuration Review

Reviews system configurations to ensure security best practices are followed and misconfigurations are eliminated.

Firewall Configuration Review

Analyses firewall settings to verify proper access controls and protection against unauthorized network traffic.

Cloud Configuration Review

Assesses cloud environments for security misconfigurations that could expose sensitive data or services.

Can't find what you need? You can call us on +44 7718 921004 or email us at sales@alchemise.tech.

To get started, simply check the box next to the engagement you need. After selecting your desired engagement, make sure to fill out all the required questionnaires.

Internal Penetration Test

Simulates an attacker inside a company’s network to find security weaknesses before real threats exploit them.

Number of IP Addresses to be tested

Only provide the number of servers and networking devices that are subject to testing. We do not recommend to include the workstations, laptops, desktops, peripherals and printers.

Number of VLANs or logically sergregated networks

Segregation testing required to be performed

Can this assessment be performed remotely

Web App Penetration Test

Evaluates web applications for security flaws like SQL injection, XSS, and authentication bypasses.

Number of static pages for the application

Number of dynamic pages for the application

Number of unique user roles you require testing

API Penetration Test

Tests APIs for vulnerabilities that could allow unauthorised access, data leaks, or service disruptions.

Number of functions or endpoints that are handled by the API

Number of unique user roles you require testing

Mobile App Penetration Test

Analyses mobile applications for security issues such as insecure data storage and weak authentication.

Type of mobile application

Number of functions or user journeys

Wireless Penetration Test

Examines wireless networks for weaknesses like rogue access points, weak encryption, and unauthorised access.

Number of SSIDs or wireless networks

Number of physical locations required to be tested

Adversary / Threat Simulation

Mimics real-world cyber threats using tactics, techniques, and procedures (TTPs) to test an organization’s detection and response capabilities.

Do you want us to perform a sophisticated phishing exercise

THis will include setting up a similar domain and enumerating a list of users using Open Source Intelligence (OSINT).

Do you want us to attempt to gain access to the internal network or resources from a remote attackers perspective

Failing to succed, we may recommend to move to an assumed breach scenario if unsuccessful.

Attempt to perform internal attacks and move laterally within the network

Attempt to evade firewall or network controls and access senitive hosts or networks

Typically this is to gain access to OT/ICS network or sensitive servers, such as backup hosts

Perform a ransomware simulation

The test team will need access to a hsot or server to perform this exercise.

Thick Client (Desktop) Application

Evaluates applications on the lcoal computer for known configuration and security weaknesses.

What architecture is the application built upon

Please select the Operating System for the application.

Does the application connect to a backend service like an API or Database?

If a full API penetration test is required, please add this as a seperate requirement and leave this blank.

This information is essential to provide the necessary details and help us tailor the service to your needs. Double-check that everything is filled out correctly before submitting to avoid any delays.

Requirement	Days	Cost
No requirements selected

Statement of Works

Thank you for providing the required information! We really appreciate it. Please take a look at the Statement of Works, which outlines all the details and next steps!

The following high-level requirements in the table below:

Requirement	Days	Cost
No requirements selected

	Subtotal
	Discount (5%)
	VAT (20%)
	Total

Request Proposal

This quotation is valid for 30 days and estimation is from a day rate of £1,250 (exc. VAT).

Prices do not include expenses, which are billed at cost on completion or every 30 days.

Any non-refundable or non-flexible expenses already incurred (e.g. fixed dates/time bookings) are billed at cost.

Why Alchemise

Alchemise’ methodologies reflect the latest global penetration testing approaches regarding the network, service, and application layers. Our steps emphasise the verification of the risk and the impact on the individual. We use the findings and vulnerability linkage, the latter being the ability to use multiple vulnerabilities together to exploit a higher-risk issue.

Alchemise’ teams deliver pragmatic advice about people and processes, with a focus on risk and ensuring business processes operate effectively. Below are the capabilities that we will demonstrate.

Dedicated penetration testing team that brings expertise, passion, quality, and integrity, thus keeping in pace with your evolving requirements and threat landscape.
In-house threat insights about threat actors and threat vectors across multiple industries in Ireland. Deep data-driven threat intelligence on security incidents or events.
Our team is diverse in their risk outlook, ensuring that relevant stakeholders are engaged from the outset.
In-depth organisational awareness of susceptibility to cyber threats and various attack trees, referencing industry models such as the Mitre Att&ck framework.
Alchemise has a pool of cyber security professionals with hands-on public services experience and deep technical cyber expertise across diverse industries.
Our experience and broad range of cyber security services enable us to support your security objectives while remaining within your risk appetite. We can look across the entire value chain to ensure that an organisation is secure for the digital world.

Constaints & Limitations

Denial of Service (DoS) attacks will not be performed during the assessment, unless specifically requested. Any potential for DoS, if discovered, will be detailed in the final report with relevant recommendations to mitigate the issue.
The active exploitation of identified vulnerabilities will only be performed in a production environment, if it is known that it will not impact the availability or integrity of the data, network, hosts or applications. If vulnerabilities that could impact the availability or integrity of the production solution are identified, these will be reported and not tested to completion unless advised otherwise by technical personnel.
If any in-scope system or network is known to be sensitive or operating at or near full capacity during normal operation, or if any system or network is mission critical, full details of the system or network should be highlighted to Alchemise prior to the start of testing. This will allow Alchemise to proceed with caution by reducing the intensity of scans and exploitation.
Whilst it is rare for testing to cause problems in target systems, the risk still exists. It is recommended that critical systems have backups taken in advance of testing so that critical data can be restored in the event of adverse system reactions.
It is the responsibility of Alchemise to identify and document the vulnerabilities present in the target environments. Once the test report has been dispatched for customer review, the report and its findings will only be amended at the customer’s request when accompanied by reasonable justification.

Terms & Conditions

Check out our full Terms & Conditions here.

Any questions or concerns then please email us at sales@alchemise.tech

Alternatively, you can call us on +44 7718 921004 if you'd prefer to discuss this information in person. We're happy to chat and answer any questions you might have!

+44 7718 921004

sales@alchemise.tech