Search Results

Q: Can I request a specific report format (e.g. DOCX)? A: Yes, upon request in Pro/Enterprise plans. Q: What happens if SLA is breached? A: You may request SLA credit or refund based on agreement. Q: Is real-time reporting supported? A: Only on Enterprise plan...

What is VAaaS? GrintOps VAaaS helps detect known vulnerabilities in web apps, APIs, and exposed systems with professional-grade assessments. Ideal For Web/API product teams SaaS providers Compliance-preparing startups Plans Available Starter: Automated scan...

Steps Define scope (via portal or onboarding form) GrintOps runs vulnerability scan (OWASP, CVE-based) Analysts validate key findings (Pro+) Deliver report via portal

Executive PDF report Technical HTML report with risk details Severity ranking (CVSSv3) Patch recommendations Retesting summary (Enterprise)

What is PTaaS? Simulated, manual attacks to identify real exploitable weaknesses in your application or system. Ideal For Web apps with login/session logic Critical APIs Periodic security reviews Plans Starter: Basic recon and OWASP Top 10 testing Pro: Full...

Steps Define your target & window GrintOps assigns certified pentesters Exploitation and documentation Optional retesting after remediation Testing Methods Manual, authenticated, and blackbox testing Exploitation proof and CVSS scoring

Deliverable Items Executive summary report Full technical findings with screenshots Exploit narrative and recommendations Retest status report (Pro+)

What is PSaaS? A service to simulate realistic phishing attacks for awareness training. Use Cases Employee security testing Audit support (SOC2, ISO) Monthly internal awareness campaigns Plans Starter: Basic email campaign with static template Pro: Targeted...

Steps Choose template or create custom scenario Add targets via portal or upload CSV Schedule & launch campaign Analyze results in report Tracking Features Open rate, click rate, submission rate Timeline of victim interaction

Deliverable Items Campaign report (PDF & CSV) Department & role-based breakdown Awareness heatmap Recommended next training step

What is DOaaS? GrintOps DOaaS provides DevOps automation tailored to your application's architecture, whether monolith or microservices. Ideal For Startups needing faster CI/CD setup Companies moving to cloud-native Teams lacking in-house DevOps resources Pl...

Step 1 – Choose Your Plan Starter, Pro, or Enterprise depending on your app architecture and team needs. Step 2 – Complete DevOps Assessment Via onboarding form or assisted by our engineer. Step 3 – We Build & Automate We design CI/CD pipelines Provision envi...

Supported Stacks GitHub / GitLab / Bitbucket Docker / Kubernetes / Nomad Terraform / Pulumi / Ansible Pipeline Capabilities Build, test, deploy Rollback & artifact versioning Security scan integration (DSOaaS link) Standards GitOps practices Least privile...

Steps You define project goals & repo access GrintOps designs your pipeline as code You get: CI/CD running in staging/prod Documentation to maintain it Slack/email notifications (Pro+)

Deliverable Items CI/CD pipeline in code (YAML or config-as-code) Readme/Doc for pipeline usage GitOps deployment (Pro+) Secrets & env config setup Optional server provisioning summary

Service Level Agreements Tier Response Time Setup Time Monitoring Starter ≤ 48h 5–7 days No Pro ≤ 24h 3–5 days Basic Enterprise ≤ 12h 2–4 days Full + Alerting Monitoring and alerting requires integration with GrintOps Stack or your preferred too...

Frequently Asked Questions Q: Does this include hosting or just the CI/CD setup? A: Hosting is optional and offered as an add-on. By default, we only handle pipeline and automation. Q: Can I use my own server or cloud account? A: Yes, we support client-owned i...

What is DSOaaS? GrintOps DSOaaS embeds security controls into your CI/CD pipeline, ensuring vulnerabilities are caught before production. Ideal For Teams handling sensitive user data Compliance-driven environments (ISO, HIPAA) DevOps teams needing security ha...

Step 1 – Assessment We analyze your code stack & pipeline to match relevant security scanners. Step 2 – Pipeline Integration Security stages added as pre-deploy & post-build checks. Step 3 – Reporting & Alerts All findings accessible via portal or sent to your...

Common Integrations GitHub/GitLab runners Terraform modules Dockerfile linters Security Layers SAST (CodeQL, SonarQube) DAST (OWASP ZAP, Nikto) SCA (Grype, Trivy) Secrets/Key Leak Detection Compliance Ready SBOM generation CVE linkbacks OWASP mapping