Supermarkets and Wholesalers

Pentest for Supermarkets and Wholesalers

Security for POS, self-checkout, digital scales, e-commerce, loyalty programs and TEF integrations.

90% manual · 10% automated
OSCP · CISSP · CRTO · GPEN
BR · PT · IT · ES · MA · US · AU
OWASP · MITRE · PTES · NIST

Why now

The real pain

Supermarkets operate on thin margins and high volume — a single POS outage costs millions per hour. ERP ransomware, digital scale fraud, loyalty program manipulation, customer base leaks. Five POS terminals offline on a busy Friday = operational chaos.

Applicable regulation

LGPD · PCI-DSS (self-checkout, e-commerce) · INMETRO Portaria 157/2022 (scales) · ABRAS

/attack-surface

Vectors we test in supermarkets and wholesalers

Every engagement is designed for your environment. The points below are part of our standard playbook for this sector — final scope is adapted to your stack and contract.

01

Point of sale (POS) and TEF

Price manipulation, cancellation fraud, card capture and pinpad tampering.

02

Self-checkout

Weighing bypass, barcode fraud, verification camera integrity.

03

Digital scale and labeler

Tare manipulation, weighing fraud, abuse of per-kg promotions.

04

Loyalty program

Point manipulation, customer base leak, redemption fraud and subscription club.

05

E-commerce and delivery

Cart, coupon, payment, delivery — APIs, webhooks and anti-fraud.

06

Back office and ERP

SAP, Linx, supplier security, ransomware readiness and backup integrity.

/methodology

Genuinely manual pentest

Automated scanners find what's documented. Real attackers find what isn't. 90% of the work is manual — performed by specialists holding OSCP, CISSP, CRTO and GPEN.

01 · Reconnaissance

Target mapping, OSINT, footprint, sector-specific threat modeling.

02 · Discovery

Deep enumeration, complementary scanning, manual exposure identification.

03 · Exploitation

Manual validation with controlled PoC, finding chaining, escalation.

04 · Report

Executive + technical, step-by-step replication, mapped to applicable regulation.

/why-trust

Who has trusted our work

Sector prioritized in our expansion strategy across southern Brazil and Italy.

Caixa Econômica Federal
Banco BMG
iFood
ArcelorMittal
Multibanco
Polícia Federal
Fórmula 1
OpenFinance

Technical assessment recognized in highly regulated, mission-critical environments — the pentest that finds what nobody had found before.

Douglas Lopes

Founder · CEO · intrus.io

/faq

FAQ: Supermarkets and Wholesalers

Can you test without stopping the cashier?

Yes. Intrusive tests run in mirror environments. Only final validations touch production in agreed windows.

Can you audit the scale?

Yes. We audit firmware, POS integration and weighing fraud by product code.

/contact

Ready for a serious pentest in supermarkets and wholesalers?

Schedule a confidential meeting. Within 48h we'll send a proposal with scope, timeline and pricing.