Skip to main content

Compliance pentest

Pentest scoping by framework and industry

Practical guides for CISOs scoping penetration testing under DORA, NIS2, ISO 27001, SOC 2 and PCI DSS. Each guide focuses on a single regulator citation and a single industry, with concrete examples and an honest fit assessment.

DORA

Digital Operational Resilience Act

ISO 27001

ISO/IEC 27001:2022 Information Security Management

NIS2

Network and Information Security Directive 2

SOC 2

AICPA SOC 2 Trust Services Criteria

PCI DSS

Payment Card Industry Data Security Standard 4.0

Need pentest scoping for a framework or industry not listed?Book a demo

Privacy Settings

This site uses third-party website tracking technologies to provide and continually improve our services, and to display information according to users' interests. I agree and may revoke or change my consent at any time with effect for the future.