A ACS Security Consultants
Authorized • Evidence‑Based • Outcome‑Focused

Penetration Testing, Vulnerability Scanning & Phishing Email Assessment

We deliver clear findings, reproducible evidence, and actionable remediation guidance to reduce risk and support compliance.

Request Proposal View Services →
Authorized Testing Only Evidence‑Ready Reporting HK / APAC Experience
🛡️

Penetration Test

Black/Grey Box for Web/API, External/Internal, and Cloud. No social engineering or wireless.

🔎

Vulnerability Scan

Infrastructure & Web only. Prioritized findings with remediation guidance and optional re‑test.

✉️

Phishing Assessment

Campaign design, landing pages, and KPI reporting to support awareness and response readiness.

Services

All testing is performed under explicit written authorization and NDA.

Penetration Testing

Methodology aligned with OWASP/WSTG, PTES, and NIST 800‑115. Clear risk ratings and reproducible steps.

  • Black/Grey Box only
  • Web / API / Mobile (on request)
  • External / Internal / Cloud (Azure/AWS/GCP)
  • Deliverables: risk rating, business impact, PoC steps, remediation, re‑test
  • Not included: social engineering or wireless testing

Vulnerability Scanning

Regular assessments focused on infrastructure and web assets. Human review to reduce false positives.

  • Infrastructure (network/host) & Web applications
  • Risk scoring and remediation prioritization
  • Monthly/quarterly scheduling and trend reporting
  • Optional re‑test for validation

Phishing Email Assessment

End‑to‑end exercises with transparent metrics for leadership and training teams.

  • Templates, landing pages, and campaign reporting
  • Open/click/submit KPIs and departmental breakdowns
  • Awareness content and basic training support

About ACS

We operate primarily across HK/APAC with red/purple team and SOC experience, supporting enterprise and financial sector requirements.

Our deliverables emphasize evidence and clear remediation. We support periodic scanning and re‑tests to continuously reduce exposure. All work is conducted under authorization and NDA with appropriate data protection.

OWASP • PTES • NIST ISO 27001 Friendly Evidence‑based Reporting

Contact

Tell us about your scope, timeline, and goals. We will provide a tailored quote.

We will follow up by email with next steps and pricing.