/sectors · Pentest by vertical

Each sector has its adversary.
We know both.

Generic pentest finds what's documented. Sector pentest finds what's being actively exploited against companies like yours.

35+

Sectors covered

90%

Manual pentest

Countries served

OWASP·MITRE

Frameworks

/saude

Hospitals & Clinics

Protect electronic health records, hospital systems and medical devices against ransomware and patient data breaches.

LGPDResolução CFM 1.821/2007

/planos-saude

Health Insurers

Security audit on member portals, TISS integrations and telemedicine platforms.

LGPDANS RN 305/2012

/fintech

Fintechs

Cutting-edge offensive security for fintechs at scale — from PSPs to digital wallets, BaaS and PIX infrastructure.

BACEN Resolução 4.658Circular 3.978 (PIX)

/bancos

Banks & Credit Unions

Red Team and high-complexity pentest for financial institutions — internet banking, ATM, core banking and SWIFT.

BACEN Resolução 4.893Resolução CMN 4.658

/consorcios

Consortium Administrators

Audit of member portals, assembly systems and integrations with credit bureaus.

BACEN Resolução 4.893Lei 11.795/2008

/seguros

Insurance & Brokers

Security on quotation portals, digital claims, SUSEP integrations and brokerage platforms.

SUSEP Circular 638/2021LGPD

/igaming

iGaming, Casinos & Betting

Specialized offensive security for betting operators, online casinos and gaming platforms — RNG, KYC, AML and regulatory compliance.

Lei 14.790/2023 (Bets BR)SPA/MF Portaria 1.475

/energia

Energy & Utilities

Offensive security in OT, SCADA, smart grid and critical energy infrastructure environments.

ANEEL REH 22/2022ONS Procedimentos de Rede

/petroleo-gas

Oil & Gas

Offensive security in refineries, terminals, platforms and pipelines — including OT/ICS, SCADA and downstream logistics.

ANP Resolução 2/2010IBAMA

/mineracao

Mining

Security audit of mine operation systems, autonomous fleets, processing plants and railway logistics.

ANMLei 14.066/2020 (Barragens)

/industria

Industry & Manufacturing

Offensive security in factories, ERP, MES, industrial IoT and automated production lines.

ISO 27001IEC 62443

/automotivo

Automotive

Offensive security in OEMs, auto parts, vehicle connectivity, telematics and mobility platforms.

UN R155 (cibersegurança veicular)UN R156 (OTA)

/agronegocio

Agribusiness

Offensive security in ag-tech, grain trading platforms, machinery telemetry and slaughterhouse integration.

LGPDMAPA (rastreabilidade)

/logistica

Logistics & Transportation

Offensive security in TMS, WMS, connected fleet, last-mile and freight platforms.

ANTTLGPD

/aviacao

Aviation

Offensive security in airlines, GDS, check-in systems, IFE and airport operations.

ANAC RBAC 175IATA

/varejo

Retail & E-commerce

Offensive security in e-commerce, marketplaces, POS, omnichannel and loyalty platforms.

LGPDPCI-DSS

/saas

SaaS & Technology

Offensive security in B2B SaaS products, multitenancy, APIs and cloud-native infrastructure.

SOC 2 Type IIISO 27001

/telecom

Telecommunications

Offensive security in mobile carriers, ISPs, 4G/5G core networks and billing platforms.

AnatelLGPD

/midia

Media & Streaming

Offensive security in streaming platforms, broadcasters, digital journalism and content protection (DRM).

LGPDLei de Direitos Autorais

/game-studios

Game Studios

Offensive security in online games, MMO, anti-cheat, in-game economy and IP protection.

LGPDLei 14.852/2024 (Marco do Jogo)

/escolas

Schools (K-12)

Offensive security in school systems, parent portals, learning platforms and protection of minors' data.

LGPD (dados de crianças)ECA

/faculdades

Colleges & Universities

Offensive security in academic systems, online learning, research, digital library and teaching-hospital records.

LGPDMEC

/edtech

EdTech

Offensive security in digital education platforms, K-12, corporate training and online exams.

LGPDGDPR

/farmaceutico

Pharmaceutical Industry

Offensive security in pharmaceutical factories, GxP systems, clinical trials and IP protection.

ANVISA RDC 658/2022 (BPF)FDA 21 CFR Part 11

/alimenticio

Food Industry

Offensive security in food factories, recipe systems, traceability and cold chain.

ANVISAMAPA (SIF, SISBI)

/construcao

Construction

Offensive security in construction firms, developers, BIM, jobsite IoT and buyer portals.

LGPDCREA/CAU

/imobiliario

Real Estate & PropTech

Offensive security in real-estate portals, rental marketplaces, digital condominiums and credit origination.

LGPDBACEN (crédito imobiliário)

/juridico

Law Firms

Offensive security in full-service firms, boutiques and legal departments handling sensitive cases.

LGPDLei 8.906 (EOAB)

/contabil

Accounting

Offensive security in accounting firms, accounting BPO and accounting SaaS platforms.

LGPDCFC NBC

/governo

Public Sector & Government

Offensive security in federal, state and municipal agencies, autarchies and state-owned enterprises.

LGPD (Lei 14.460/2022)Decreto 9.637/2018 (PNSI)

/defesa

Defense

Offensive security and adversary emulation for armed forces, defense industry and national critical infrastructure.

ITAR (export EUA)EAR

/crypto

Crypto & Blockchain

Offensive security in exchanges, custodians, smart contracts, DeFi, NFT and blockchain infrastructure.

Lei 14.478/2022 (Marco Cripto)BACEN

/marketing

Marketing Agencies & AdTech

Offensive security in agencies, adtech platforms, DMP/CDP and growth tools.