Assurance & Pentesting

Assurance that your organisation is protected

Traditionally, assurance has been associated only with IT products and systems composed of hardware or software and referred to as “product assurance” or “system assurance.” It is now recognised that to address a wider range of risks, there is a need for assurance of other security objectives such as a security service, process, personnel, organisation or other environmental factors.

Assurance may be sought by the stakeholders of IT systems who have assets at risk in IT systems. Therefore, the determination of an acceptable assurance method and level of assurance may be required/and or influenced by the stakeholders. No two organisations are alike, meaning there is no standard template to follow. You have to understand the business needs of your organisation, define and map security requirements based on the business needs, collect relevant metrics, and measure your success.

Our Assurance Offering


Our Cyber Incident Response service minimises the impact of a cyber incident on your organisation by reducing downtime and losses – operationally, financially and to your organisation’s reputation and brand. Our on-boarding process will review, test and optimise your response capability and our dedicated team of incident handlers and first responders are on standby to provide advice, guidance and remote support during the incident itself. Our service is offered on a 24/7 basis and underwritten by a service level agreement appropriate to the size, geographical location and complexity of your organisation.


Each year Risk X conducts a significant number of post-incident cyber forensic investigations for compromised payment organisations – to improve intelligence, ensure containment and advise on remediation to prevent re-occurrence. Risk X is amongst a small handful of companies authorised by the PCI SSC and the Payment Brands to investigate breaches of payment card data across South Africa.


Risk X’s Certified Ethical Hackers are skilled professionals who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker would, but in a lawful and legitimate manner to assess the security posture of a target system(s), thus providing our clients with an insight of the potential risks that they are exposed to.


Testing is an essential part of any security solution. Our team will set real context around the risks you face within your organisation and the criticality of these to you. This is in real world language not just a set of CVSS scores within a meaningless report.


Risk X provide Digital forensic service for the identification, preservation, analysis and documentation of electronic data for judicial purposes while maintaining data integrity of our client