Offensive cybersecurity

Test your defense before someone else does.

Vulnerability Assessment and Penetration Testing with offensive methodology. We find what an attacker would find, before they actually arrive.

PTES + OWASP · Report remediation-ready · NIS2 mapping included · Powered by NEXUS

The attacker's perspective

Diego Sarnataro, CEO of 10punto10, comes from offensive cybersecurity. Before building defenses, he tore them apart. This is not a biographical detail: it is the method we use to look at every infrastructure.

A VAPT is not a compliance checkbox. It is a simulated attack, with real tools, against your real defenses. If there is something to find, we find it. If there is not, we tell you that too.

  • CVE: NVD + CISA KEV as the baseline for every assessment
  • 0 unverified false positives: every finding is manually confirmed
  • EU: Reports and data on Oracle Cloud Italy infrastructure
  • NIS2: Automatic Art. 21 mapping included in the report

What we do

Four assessment areas, combinable based on your infrastructure. Each activity produces a separate report, but we integrate them all into NEXUS.

01 Vulnerability Assessment

Systematic infrastructure scanning with OpenVAS, Nessus, and Nuclei. Every vulnerability classified by CVSS, every false positive verified by hand. The result: a clean list of what actually matters, not 200 pages of raw output.

  • OpenVAS · Nessus · Nuclei
  • CVSS v3.1 classification
  • Manual verification of every finding

02 Penetration Test

Simulated attack on infrastructure, web applications, and endpoints. PTES + OWASP methodology. BloodHound for Active Directory, OWASP ZAP for web apps, custom tools where needed. The goal: understand how far a real attacker would get.

  • BloodHound · OWASP ZAP
  • PTES methodology
  • Proof-of-concept for every critical finding

03 Cloud Security Assessment

Security posture on Azure, AWS, and GCP with Prowler and ScubaGear. Microsoft 365 audit included: configurations, permissions, Secure Score, legacy access. CIS Benchmark and NIS2 reference.

  • Prowler · ScubaGear
  • Microsoft 365 Secure Score audit
  • CIS Benchmark alignment

04 Active Directory Audit

BloodHound and SharpHound to map privilege escalation paths in AD. Most SMBs have AD configurations that allow escalation from standard user to Domain Admin in just a few steps. We find it, show it to you, and help you close it.

  • BloodHound · SharpHound
  • Privilege escalation paths
  • Anomalous ACLs and delegations

The report that actually matters

You do not receive a PDF with 150 vulnerabilities sorted by CVSS score. You receive a document that separates what is urgent from what is theoretical.

Every finding includes: technical description, real impact on your business, proof-of-concept where possible, precise remediation steps.

Two distinct sections: one for the engineer who needs to fix things, one for the manager who needs to understand the risk.

📋 Executive summary: Risk in non-technical language, for decision makers
🔬 Technical findings: Every vulnerability with PoC and remediation steps
⚖️ NIS2 mapping: Automatic alignment with NIS2 Art. 21
📈 Remediation tracking: Vulnerabilities enter NEXUS as Issues with SLAs

Integrated with NEXUS

Remediation tracking is not an email

VAPT results go directly into NEXUS. Every vulnerability becomes an Issue with an owner, priority, and remediation SLA. You can see the status in real time, and the NOC team follows up until closure.

Nobody disappears after the report is delivered.

  • Live: Remediation status visible in real time on NEXUS
  • SLA: Priorities and deadlines defined for every finding
  • PDF: On-demand report downloadable for ACN audits

Frequently asked questions

How long does a VAPT take?
It depends on the scope. A vulnerability assessment on a standard corporate network takes 3-5 business days. A full penetration test on infrastructure, web apps, and Active Directory takes 1-2 weeks. We define the exact timeline after the kick-off call, once the scope is clear.

Does the VAPT disrupt production?
No. We work in non-destructive mode by default. If more aggressive scenarios need testing, such as stress tests or DoS simulations, we schedule them in an off-hours window agreed with you.

What happens after the report?
Remediation tracking is included in the service. Critical vulnerabilities are followed until confirmed closure. If you have NOC10 active, your team can see the status in real time on NEXUS. If you do not have NOC10, you receive updates via periodic reports.

Does the VAPT satisfy NIS2 requirements?
Yes. NIS2 (Art. 21) requires periodic security posture assessments. Our report includes automatic NIS2 mapping for the relevant articles. The format is ready for an ACN inspection.

Do you also perform VAPT on internally developed web applications?
Yes. OWASP ZAP and manual testing on the OWASP Top 10. We also handle REST APIs and mobile applications if they are in scope. Tell us what you have and we will tell you what makes sense to test.

Ready to find out where you are vulnerable?

First step: a 30-minute call. We tell you what makes sense to test for your infrastructure, with timelines and costs. No commitment.