Vulnerability Assessment and Penetration Testing

Shield IT's vulnerability assessment and penetration testing team provide a comprehensive suite of services to help enterprises build deep understanding of their cyber risk exposure and readiness to contain and mitigate risk.

From an initial readiness assessment to baselining your team’s incident response capabilities, Shield IT can develop and improve your IR plans and help you combat attacks and/or immediately recover from a breach.

Shield IT's assessment and testing services include:


Incident Response Plan

Shield IT team perform a readiness review to determine your Incident Response plan maturity. Then, we develop or update your emergency response plan, incorporating the personnel and procedures needed to identify, contain, and respond to cyber threats.



MANEE Vulnerability Identification Services

MANEE is a Saudi cybersecurity platform that enables organisations to conduct automated, recurring vulnerability scans to identify and investigate vulnerabilities in IT environments, in near real-time, using our cloud-based dashboard.                         

Shield IT complements that with periodic penetration testing, dark web intelligence gathering, and user awareness training.


Compromise Assessment

We examine your computing environment for malicious activity to uncover attack history and breach exposure, enabling you to identify or confirm compromised data and initiate proper response.


Shield IT converges internal and external cyber defence capabilities into outcomes-based, cloud-native platforms. Our approach revolves around three pillars — technology, telemetry and talent — that deliver rock-solid cyber defence capabilities.

We work with clients on retainer basis that ensure rapid pre-negotiated pricing, and reduced response time during an incident.



Red Team Testing

Shield IT conducts collaborative threat detection and management tests, in which we pit our analysts (red team) against your Security Operations personnel (blue team) – usually unaware of the red team's intent to test company's ability to detect, respond, and mitigate advanced threats.

We run this adversarial-based attack simulation against people, software, hardware and facilities simultaneously. And unlike a standard penetration test that assesses overall security posture, a red team exercise focuses on the absolute security of your company's "crown jewels" – the information you deem as invaluable.

This test returns impressive insights into the security posture of your diverse assets and enables you to take steps to rectify vulnerabilities proactively.

Red Teaming Chart

Shield IT conducts its red team tests by highly trained security consultants to:

  • Identify physical, hardware, software, and human vulnerabilities
  • Obtain a more realistic understanding of risk for your organisation
  • Help address and fix all identified security weaknesses

If your organisation has a mature security program and seeks to squash potential vulnerabilities beyond your technology architecture, red teaming is a great proactive step.


Threat Hunting Assessment

Cyber threat hunting is a proactive security search through networks, endpoints, and datasets to hunt malicious, suspicious, or risky activities that evade detection by existing tools.

Shield IT conducts enhanced hunting exercises that factor in automation, machine learning, and user and entity behavior analytics (UEBA) technology to alert internal security teams of potential risks .

Once actual or potential risk is identified, and frequency of a hunt is determined, we initiate an investigation. Examples of cyber threat hunting investigations include:

  • Hypothesis-driven Investigations: When significant information of a new, imminent threat vector is discovered, cyber threat hunting delves deeper into network or system logs to find hidden anomalies or trends that could signal a new threat.
  • Analytics-driven investigations: Searches based on information gathered from Machine Learning (ML) and Artificial Intelligence (AI) tools.
  • Tactics, Techniques, and Procedures (TTP) Investigations: Hunting for attack mannerisms employing the same operational tactics, whereby we can source or attribute the threat and leverage existing remediation methods.


Shield IT's Maturity Model


Shield IT helps clients build or develop threat hunting maturity models defined by the quantity and quality of data the organisation collects from its IT environment.


The SANS  Institute identifies a threat hunting maturity model as follows:


  • Initial: At Level 0 maturity an organisation relies primarily on automated reporting and does little or no routine data collection.
  • Minimal: At Level 1 maturity an organisation incorporates threat intelligence indicator searches. It has a moderate or high level of routine data collection.
  • Procedural: At Level 2 maturity an organisation follows analysis procedures created by others. It has a high or extremely high level of routine data collection.
  • Innovative: At Level 3 maturity an organisation creates new data analysis procedures. It has a high or extremely high level of routine data collection.
  • Leading: At Level 4 maturity, an organisation automates the majority of successful data analysis procedures. It has a high to extremely high level of routine data collection).

Shield IT works with clients to scale up hunting maturity no matter where they stand on the SANS ladder.


Application Security Tests


Application security testing (AST) is the process of making applications more resistant to security threats, by identifying security weaknesses and vulnerabilities in source code.

AST started as a manual process. Then owing to a growing modularity of enterprise software, the huge number of open-source components, and the large number of known vulnerabilities and threat vectors, AST must be automated.


At Shield IT, we enable our clients to use a combination of application security tools to ensure optimal protection. We offer several modes of software testing that include static, dynamic and interactive application testing along the development process.



Static Application Security Testing (SAST)

SAST tools use a white box testing approach, in which testers inspect the inner workings of an application. SAST inspects static source code and reports on security weaknesses.

At Shield IT, we apply static testing tools to non-compiled code to find issues like syntax errors, math errors, input validation issues, invalid or insecure references. They can also run on compiled code using binary and byte-code analysers.

Dynamic Application Security Testing (DAST)

DAST tools take a black box testing bapproach. They execute code and inspect it in runtime, detecting issues that may represent security vulnerabilities. This can include issues with query strings, requests and responses, the use of scripts, memory leakage, cookie and session handling, authentication, execution of third-party components, data injection, and DOM injection.

We advise our clients to use DAST tools to conduct large-scale scans simulating a large number of unexpected or malicious test cases and reporting on applications response.

Interactive Application Security Testing (IAST)

IAST tools are the evolution of SAST and DAST altogether— combining two approaches to detect a wider range of vulnerabilities. IAST tools run dynamically and inspect software during runtime; while running from within the application server, allowing them to inspect compiled source code too.

Shield IT recommends IAST tools to discover the root cause of vulnerabilities and the specific lines of code affected, ahead of remediation action. Using IAST, we analyse source code, data flow, configuration and third-party libraries.

Mobile Application Security Testing (MAST)

MAST tools combine static analysis, dynamic analysis and investigation of forensic data generated by mobile applications. They test for security vulnerabilities like 


 SAST, DAST and IAST while addressing mobile-specific issues like jailbreaking, malicious WIFI networks, and data leakage from mobile devices.

Software Composition Analysis (SCA)

SCA tools help organisations conduct an inventory of third-party commercial and open-source components used within their software. Enterprise applications use thousands of third-party components, which may contain vulnerabilities.

Shield IT advises clients to apply SCA to understand which components and versions are being used, identify the most severe vulnerabilities affecting components, and find an easy way for remediation.

Runtime Application Self-Protection (RASP)

RASP tools evolved from SAST, DAST and IAST; and is administered to analyse application traffic and


 user behavior at runtime, and detect and prevent cyber threats.

RASP provides visibility into application source code and analyses weaknesses and vulnerabilities. It goes a step further identifying whether weaknesses have been exploited, while providing active protection by terminating the session or issuing an alert.

Shield IT uses RASP tools to integrate with applications and analyse traffic at runtime and prevent attacks.

Reach out to us to discuss your app testing requirements.

Infrastructure Services


Shield IT works with governments and the private sector to assist them in improving critical infrastructure and developing a cybersecurity program with organisational awareness and processes to manage risks to systems, assets, data, controls, and capabilities within their information technology and operational technology systems.

We help our clients analyse their readiness for potential security breaches, and take actions to minimise risks.


The attacks on critical infrastructure are a growing concern worldwide, in the GCC and Saudi Arabia specifically. For critical infrastructure, a cyberattack could mean loss of life or strategic assets, not just recoverable marginal loss.

Shield IT helps organisations focus on improving cyber security hygiene for critical infrastructure, including streamlining incident response and risk mitigation to strengthen security awareness and communications.

Shield IT has experts in security consulting, incident response, data breach incident management, forensics and electronic discovery who support or supplement your team, and double on your efforts of transforming security culture and critical infrastructure protection.

Transformation Services

When it comes to formulating and executing cyber security plans, Shield IT can be your trusted partner. Our cyber security expertise is unrivalled, both for short-term strategy engagements and for long-term undertakings.

Developing the digital mindset

We develop a cyber security digital mindset in your teams and empower them to depart from a legacy security architecture to adaptive, future-proof technology solutions that fully support their digital ambitions and transformations mandates.


Technology adoption and adaptation

We assist customers in facilitating the adoption of new tools and technologies, and help their teams adapt through seamless training and development.


Establishing key security metrics

We work on establishing key security metrics across your organisation that lay a solid foundation for your security program.



Ensuring compliance

Through awareness building, we work with teams to manage the change mindset and minimise resistance to emerging national and international compliance requirements.



Virtual CISO (vCISO)


Shield IT serves as external extension to your CISO office, whereby we support your teams and help streamline your operations.

Our CISO support includes providing external teams and advisors with cross-industry experience to meet every distinct need. Service advantages include: 


Minimum investment for top talent

Skills shortage make it expensive to hire and retain top professionals.


Smooth implementation

Complex advice by external consultancies usually requires capable internal resources to implement and measure.


Cross-disciplinary knowledge at hand

Enhancing your teams with cross-sectoral external consultants.


No administration burdens

Addressing inflexible billing tactics and complicated procedures that aim to stretch length of contracts.


Shield IT's Virtual CISO services span the following domains:








Request Service