We are looking for an experienced penetration tester / ethical hacker to conduct a comprehensive security assessment of our cybersecurity awareness platform and its products.
About Mantra
Mantra (mantra.ms) is a cybersecurity awareness platform that empowers teams against hackers through automated phishing simulation, real-time awareness tools, and security training. Our platform serves businesses and MSPs across multiple environments.
Scope of Work
The penetration test must cover the following products and components:
1. Core Platform – The main Mantra platform (web application, authentication, user management, dashboards)
2. Video Awareness – Our video-based cybersecurity awareness training module
3. MSP Portal – The Managed Service Provider portal and multi-tenant management interface
4. Company Resources – Internal company resources and asset management features
5. Public API – All public-facing API endpoints, authentication mechanisms, and data handling
Deliverables
- Comprehensive penetration test report (PDF) covering all products listed above
- Vulnerability classification by severity (Critical, High, Medium, Low, Informational)
- Proof of concept for identified vulnerabilities
- Remediation recommendations for each finding
- Executive summary suitable for management review
Requirements
- Proven experience in web application penetration testing
- Strong knowledge of OWASP Top 10 and API security testing (OWASP API Top 10)
- Experience with multi-tenant SaaS platform testing
- Ability to provide a professional penetration test report
- Availability to start within the next 2 weeks
Timeline: 2-3 weeks from start date