VulnXperts Consultancy W.L.L

BACKGROUND

Please describe your company and position.

 I am the Product Owner of a government company 

Describe what your company does in a single sentence.

VulnXperts provided a comprehensive web application Vulnerability Assessment and Penetration Testing (VAPT) service, including security testing, vulnerability identification, risk validation, evidence collection, reporting, and remediation guidance. The engagement was delivered professionally and supported through post-assessment discussions with the development vendor.

VulnXperts delivered the VAPT engagement professionally and according to the agreed scope and timeline. The findings were clearly documented with appropriate risk ratings, supporting evidence, and practical remediation recommendations. The team's willingness to support post-delivery discussions with our vendor added significant value and helped facilitate remediation efforts effectively.

As the security assessment was conducted ahead of the website launch, VulnXperts demonstrated excellent responsiveness and flexibility, working effectively with our overseas development vendor and accommodating tight project timelines. Their clear reporting, practical recommendations, and ongoing support were instrumental in helping us address security findings before deployment.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire VulnXperts Consultancy W.L.L to accomplish?

• Deliver a web application vulnerability assessment and penetration testing (VAPT) engagement for the client’s application. Identify security vulnerabilities, validate risks, and provide clear remediation recommendations before the application moves to production.

SOLUTION

How did you find VulnXperts Consultancy W.L.L?

• Online Search
• Referral

Why did you select VulnXperts Consultancy W.L.L over others?

• High ratings
• Close to my geographic location
• Good value for cost
• Referred to me
• Company values aligned

How many teammates from VulnXperts Consultancy W.L.L were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

The scope of work included conducting a comprehensive Vulnerability Assessment and Penetration Testing (VAPT) engagement for the Career World web application prior to its production launch. The provider reviewed the agreed application environment, performed security testing to identify and validate vulnerabilities, assessed associated risks, and collected supporting evidence. Key deliverables included a detailed VAPT report outlining findings, risk ratings, evidence, and remediation recommendations, along with a project plan, vulnerability tracker, and supporting evidence documentation. The provider also delivered post-assessment support by participating in discussions with the overseas development vendor, clarifying findings, and providing practical guidance to facilitate timely remediation before launch.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

The engagement successfully identified and validated security vulnerabilities within the web application before its production launch, enabling remediation activities to be completed prior to deployment. A comprehensive VAPT report, vulnerability tracker, and supporting evidence were delivered, providing clear visibility into identified risks and recommended actions. The provider's responsiveness and collaboration with the overseas development vendor helped accelerate remediation efforts and ensure security findings were addressed within the project's compressed timeline. As a result, the application was able to proceed toward launch with improved security posture and reduced cybersecurity risk.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

The project was managed effectively and delivered within the agreed timeframe despite the tight schedule associated with the website’s planned launch. The team was highly responsive to our needs, maintaining clear communication throughout the engagement and promptly addressing questions and requests. They demonstrated flexibility in coordinating with our overseas development vendor across different time zones and adapted well to our pressing timelines. In addition, they provided a client penetration testing portal that allowed us to transparently track vulnerabilities, review evidence, and access reports in real time, which significantly improved visibility and coordination during the remediation process. Their proactive approach and commitment to timely delivery contributed to the successful completion of the engagement.

What was your primary form of communication with VulnXperts Consultancy W.L.L?

• In-Person Meeting
• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

What stood out most about the company was their strong technical expertise in web application security testing combined with a highly responsive and prompt approach throughout the engagement. They were consistently quick to address queries, adapt to tight timelines, and coordinate effectively with our overseas development vendor, which was critical given the pre-launch nature of the project. Another notable aspect was their use of a client penetration testing portal, which provided real-time visibility into vulnerabilities, evidence, and reports, significantly improving transparency and collaboration during remediation. Overall, their combination of expertise, responsiveness, and structured delivery approach made the engagement particularly effective and easy to manage.

Are there any areas for improvement or something VulnXperts Consultancy W.L.L could have done differently?

Nothing.

BACKGROUND

Please describe your company and position.

 I am the Lead Digital Operations of a financial services company 

Describe what your company does in a single sentence.

Alternative Investments

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire VulnXperts Consultancy W.L.L to accomplish?

• Verify MFA and trusted-device controls across mobile and web authentication.
• Validate mobile application hardening controls.
• Assess protection for Mobile App

SOLUTION

How did you find VulnXperts Consultancy W.L.L?

Referral

Why did you select VulnXperts Consultancy W.L.L over others?

• Close to my geographic location
• Pricing fit our budget
• Great culture fit
• Good value for cost

How many teammates from VulnXperts Consultancy W.L.L were assigned to this project?

1 Employee

Describe the scope of work in detail. Please include a summary of key deliverables.

Performed validation of mobile & web security controls, including device integrity checks, runtime protections, secure communications, application hardening, and authentication safeguards.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

Delivered a complete validation report and supporting project artifacts.

Identified and documented security observations with supporting technical evidence and recommendations

Describe their project management. Did they deliver items on time? How did they respond to your needs?

The project was well managed, with clear communication, regular progress updates, and effective coordination throughout the engagement. The team was responsive to our requirements, promptly addressing questions, clarifying findings, and accommodating feedback.

What was your primary form of communication with VulnXperts Consultancy W.L.L?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

Their ability to identify security gaps, validate controls, and provide meaningful guidance added significant value beyond the core assessment.

Are there any areas for improvement or something VulnXperts Consultancy W.L.L could have done differently?

Overall, the engagement was well executed, and no significant improvements were identified.

BACKGROUND

Please describe your company and position.

I am the Assistant IT Manager, Security Officer of ALYOUSUF EXCHANGES & MONEY TRANSFERS B.S.C. CLOSED

Describe what your company does in a single sentence.

Financial sector, Transfer and money exchange 

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire VulnXperts Consultancy W.L.L to accomplish?

• VulnXperts Consultancy W.L.L was hired to perform a Vulnerability Assessment and Penetration Test (VAPT) to identify security vulnerabilities, assess risks, and recommend corrective actions to strengthen the security of our IT systems and network.

SOLUTION

How did you find VulnXperts Consultancy W.L.L?

Other

Why did you select VulnXperts Consultancy W.L.L over others?

• High ratings
• Good value for cost
• Company values aligned

How many teammates from VulnXperts Consultancy W.L.L were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

Scope of Work: VulnXperts Consultancy W.L.L was engaged to perform a Vulnerability Assessment and Penetration Test (VAPT) on the organization's IT infrastructure, network environment, servers, systems, and applications. The assessment included identifying security vulnerabilities, evaluating potential threats and risks, validating security controls, and assessing the overall security posture of the environment.

Key Deliverables:

1. Comprehensive vulnerability assessment of in-scope systems, networks, and applications.
2. Penetration testing to identify and validate exploitable security weaknesses.
3. Detailed technical report outlining identified vulnerabilities and associated risk ratings.
4. Executive summary highlighting key findings, business impact, and overall security posture.
5. Remediation recommendations and corrective action plans for addressing identified vulnerabilities.
6. Risk prioritization to support efficient remediation efforts.
7. Final VAPT report and presentation of findings to relevant stakeholders.
8. Retesting and validation of remediated vulnerabilities (if included in the engagement scope).

The project provided a clear understanding of the organization's security risks and actionable recommendations to strengthen cybersecurity controls and improve the overall security of the IT environment.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

The project successfully identified and assessed security vulnerabilities within the organization's IT infrastructure, systems, and applications. Through the Vulnerability Assessment and Penetration Testing (VAPT) exercise, potential security risks were evaluated and prioritized based on their severity and business impact.

Measurable outcomes included:

• Identification and documentation of security vulnerabilities across the in-scope environment.
• Classification of findings by risk level (Critical, High, Medium, and Low).
• Validation of existing security controls and identification of security gaps.
• Delivery of a comprehensive VAPT report with actionable remediation recommendations.
• Improved visibility into the organization's cybersecurity posture and risk exposure.
• Support for compliance and security governance requirements through independent security testing.
• Reduction of identified security risks through remediation activities based on the assessment findings.
• Enhanced awareness of security best practices and areas requiring improvement.

These outcomes provided management with a clear understanding of the organization's security posture and a roadmap for strengthening its cybersecurity defenses.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

VulnXperts Consultancy W.L.L demonstrated effective project management throughout the engagement. The project was well-organized, with clear communication, defined timelines, and regular updates on progress.

All agreed deliverables were provided on time and in accordance with the project scope. The team was responsive to our requirements, promptly addressing questions and concerns, and providing clarification whenever needed. They maintained professional communication throughout the project and were flexible in accommodating our operational needs and scheduling requirements.

Their timely delivery, technical expertise, and responsiveness contributed to the successful completion of the Vulnerability Assessment and Penetration Testing (VAPT) project.

What was your primary form of communication with VulnXperts Consultancy W.L.L?

• In-Person Meeting
• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

What impressed us most about VulnXperts Consultancy W.L.L was their strong technical expertise, professionalism, and thorough approach to cybersecurity assessments. Their team demonstrated a deep understanding of security risks and provided clear, practical recommendations tailored to our environment.

We also appreciated their responsiveness, attention to detail, and ability to explain technical findings in a manner that was understandable to both technical and non-technical stakeholders. Their comprehensive reporting, risk-based approach, and commitment to helping us improve our security posture made the engagement particularly valuable.

Are there any areas for improvement or something VulnXperts Consultancy W.L.L could have done differently?

We did not identify any significant areas for improvement. VulnXperts Consultancy W.L.L met our expectations in terms of quality, communication, responsiveness, and timely delivery. The engagement was handled professionally, and the project objectives were successfully achieved.

BACKGROUND

Please describe your company and position.

 I am the Head of Business Development of an information technology company 

Describe what your company does in a single sentence.

We provide cybersecurity consulting, security assessments, penetration testing, and technology solutions to help organizations manage cyber risks and improve their security posture.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire VulnXperts Consultancy W.L.L to accomplish?

• Conduct comprehensive vulnerability assessment and penetration testing across internal infrastructure, external-facing assets, and web applications.
• Identify, validate, and prioritize security vulnerabilities, misconfigurations, and exploitable attack paths.
• Deliver detailed technical findings, evidence-based reporting, risk ratings, and actionable remediation recommendations to support risk reduction.

SOLUTION

How did you find VulnXperts Consultancy W.L.L?

• Online Search
• Referral

Why did you select VulnXperts Consultancy W.L.L over others?

• High ratings
• Close to my geographic location
• Pricing fit our budget
• Great culture fit
• Good value for cost
• Referred to me
• Company values aligned

How many teammates from VulnXperts Consultancy W.L.L were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

VulnXperts supported the delivery of a white-label VAPT engagement covering internal network, external network, and web application security testing. Their scope included vulnerability discovery, manual validation, penetration testing, risk analysis, and evidence collection. Key deliverables included detailed VAPT reports, a project plan, vulnerability tracker, supporting evidence, executive and technical findings, and remediation recommendations. They also coordinated closely with our team throughout the engagement to ensure timely delivery and alignment with project objectives.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

The engagement successfully identified and validated security vulnerabilities across the internal network, external-facing assets, and web application environment. All findings were documented with supporting evidence, risk ratings, and remediation recommendations. The project was delivered on schedule with complete technical documentation, enabling effective remediation planning and risk reduction.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

Their project management was well organized and professional throughout the engagement. Deliverables were provided on time, communication was clear, and they were responsive to requests and scope-related discussions. They coordinated effectively with our team, provided regular updates on testing progress, and quickly addressed any questions or clarifications. They also provided access to a dedicated VAPT portal, which helped streamline vulnerability tracking, evidence review, and project visibility throughout the engagement.

What was your primary form of communication with VulnXperts Consultancy W.L.L?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

What impressed us most was their strong technical expertise and senior-led approach. The quality of the testing, validation, and reporting was excellent, and their VAPT portal provided clear visibility into findings and remediation progress throughout the engagement.

Are there any areas for improvement or something VulnXperts Consultancy W.L.L could have done differently?

No areas for improvement.

BACKGROUND

Please describe your company and position.

 I am the Information & Cyber Security Director of a financial services company 

Describe what your company does in a single sentence.

Financial services company that provides consumer and corporate loans and credit cards.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire VulnXperts Consultancy W.L.L to accomplish?

• Vulnerability assessment and penetration testing

SOLUTION

How did you find VulnXperts Consultancy W.L.L?

Other

Why did you select VulnXperts Consultancy W.L.L over others?

• High ratings
• Close to my geographic location
• Good value for cost
• Referred to me

How many teammates from VulnXperts Consultancy W.L.L were assigned to this project?

1 Employee

Describe the scope of work in detail. Please include a summary of key deliverables.

A vulnerability assessment and penetration testing engagement that included both black box and grey box testing of multiple on prem and cloud based systems. Testing was conducted in line with the regulatory requirements to identify any security technical vulnerabilities or technical issues in publicly published online services.

The activities included multiple cycles of testing done every six months along with a re-testing activity for mitigation validation after each cycle.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

• Enhanced overall security of online applications.
• Identification of legacy security issues that were not detected for years despite multiple previous testing rounds by other vendors.
• In depth review of configuration and recommendations to enhance application performance and resilience.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

The team met the target dates effectively, catered for changes caused by internal delays and went the extra mile to ensure we meet our reporting deadlines.

What was your primary form of communication with VulnXperts Consultancy W.L.L?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

They had an outstanding local technical skill, partnership mentality, and prioritization of bringing value into the engagement.

Are there any areas for improvement or something VulnXperts Consultancy W.L.L could have done differently?

Nothing of note.

BACKGROUND

Introduce your business and what you do there.

I’m the CISO of Rain Management WLL, a cryptocurrency brokerage that provides digital asset trading and storage services across the Middle East and Turkey.

OPPORTUNITY / CHALLENGE

What challenge were you trying to address with VulnXperts Consultancy W.L.L?

We needed help with a cybersecurity assessment for regulatory purposes.

SOLUTION

What was the scope of their involvement?

VulnXperts Consultancy W.L.L delivered a cybersecurity assessment covering mobile application VAPT, web application VAPT, secure design review, and a technical training session for our team. The VAPT activities included scope alignment, access coordination, testing setup, security testing, vulnerability validation, evidence collection, risk rating, and remediation guidance across the agreed applications and supporting APIs.

The secure design review covered application design, architecture, security controls, data flows, trust boundaries, and key risk areas, with practical recommendations provided before or during implementation. VulnXperts Consultancy W.L.L also delivered a technical knowledge-sharing session covering key findings, common security weaknesses, secure design considerations, and remediation approaches.

What is the team composition?

We worked with 2–5 teammates from VulnXperts Consultancy W.L.L.

How did you come to work with VulnXperts Consultancy W.L.L?

We met the founder of VulnXperts Consultancy W.L.L at an event and was impressed with his knowledge and expertise. We chose them because their company values aligned with ours, and they demonstrated a great alignment with our core values in handling information security as a key pillar in our organization.

What is the status of this engagement?

We worked together from February to March 2026.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

VulnXperts Consultancy W.L.L has delivered an assessment report for regulatory purposes. Their work has helped us reduce vulnerabilities.

How did VulnXperts Consultancy W.L.L perform from a project management standpoint?

VulnXperts Consultancy W.L.L’s project management is good; they deliver on time. We communicate via in-person meetings, virtual meetings, and emails or messaging apps.

What did you find most impressive about them?

We’re kept in the loop at all times.

Are there any areas they could improve?

There’s nothing they need to improve.

BACKGROUND

Introduce your business and what you do there.

I’m the information security head of Tamkeen, a government organization that empowers enterprises and develops local talent to drive private sector growth and support a sustainable, competitive economy.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire VulnXperts Consultancy W.L.L to accomplish for Tamkeen?

We hired VulnXperts Consultancy W.L.L for vulnerability assessment and penetration testing.

SOLUTION

What was the scope of their involvement?

VulnXperts Consultancy W.L.L conducted a one-time security assessment with a subsequent revalidation (rescan) phase. The assessment covered two web applications for vulnerability assessment and penetration testing (black-box and gray-box): our main website and our service portal.

What is the team composition?

We worked with one teammate from VulnXperts Consultancy W.L.L.

How did you come to work with VulnXperts Consultancy W.L.L?

Someone referred VulnXperts Consultancy W.L.L to me. We chose them because their pricing fit our budget, they offered good value for the cost, and their company values aligned with ours.

What is the status of this engagement?

We worked together from March to April 2026.

RESULTS & FEEDBACK

What evidence can you share that demonstrates the impact of the engagement?

We had a second round of testing after closing the vulnerabilities, and all of them were resolved.

How did VulnXperts Consultancy W.L.L perform from a project management standpoint?

VulnXperts Consultancy W.L.L's project management was very manageable, and they delivered on time. We communicated via in-person and virtual meetings.

What did you find most impressive about them?

We were impressed by VulnXperts Consultancy W.L.L's transparency, commitment, and confidentiality.

Are there any areas they could improve?

They could offer access to a project management platform to follow up on the project's progress.