Penetration Testing

Regulation-Compliant Penetration Tests
(BDDK, SPK, TCMB, SHGM)

Explore solutions tailored to your needs — from penetration tests aligned with the SPK, BDDK, TCMB, and SHGM regulatory frameworks to comprehensive security assessments of AWS and GCP cloud infrastructure. For our full penetration testing portfolio, see the Penetration Testing Service page, or for security testing integrated into your development lifecycle, visit the DevSecOps page.

Capital Markets Board (SPK)

SPK-Compliant Information Systems Penetration Test

Mandatory penetration testing for brokerage houses and portfolio management companies under the SPK Information Systems Communiqué. Meet your annual periodic testing obligations.

Banking Regulation and Supervision Agency (BDDK)

BDDK BSD-2012/1 Compliant Penetration Tests

Comprehensive penetration testing that satisfies BDDK Circular BSD-2012/1 requirements for banks and payment institutions. Network, application, and social engineering tests included.

TCMB Communiqué · TSE TS 13638 T2

Pentest Service Aligned with the TCMB Communiqué

Accredited pentest service for payment institutions under the Central Bank of the Republic of Türkiye payment systems communiqué and the TSE TS 13638 T2 standard.

Directorate General of Civil Aviation (SHGM)

SHGM-Compliant Airport & Airline Penetration Test

Critical-infrastructure-focused penetration testing for airport operators and airlines under the SHGM Cybersecurity Directive. Aligned with ICAO Annex 17 requirements.

Amazon Web Services · Cloud & Network

AWS Cloud & Network Penetration Test

Comprehensive cloud penetration testing covering IAM policies, S3 bucket security, VPC configuration, and API Gateway tests across your AWS infrastructure. Compliant with the AWS Pentest Policy.

Google Cloud Platform

GCP Penetration Testing Service

Expert penetration testing covering GCP IAM, Cloud Storage, Kubernetes Engine, and BigQuery across your Google Cloud infrastructure. Aligned with GCP penetration testing guidelines.

Quick Decision Guide: Which Penetration Test Fits You?

Identify your regulatory obligation or infrastructure type and get to the right service fast.

I'm a Financial Intermediary → Get tested under the SPK Information Systems Communiqué
I'm a Bank or Payment Institution → Choose BDDK BSD-2012/1 compliant penetration testing
I Operate a Payment System → Comply with the TCMB / TSE TS 13638 T2 standard
I'm in Aviation → Choose the SHGM Cybersecurity Directive test
I Run on AWS → Identify risks with the AWS Cloud & Network Pentest
I Run on Google Cloud → Validate your security with a GCP-focused penetration test

Let's Meet Your Regulatory Obligations Together

We assess your regulatory requirements and infrastructure to build a penetration testing strategy specific to you. Our expert team responds within 24 hours.

Cybersecurity Team – Uygar Aydın Online Meeting with

Let's define your penetration test scope together. In a 30-minute online meeting we set the regulation-compliant scope, the test schedule, and delivery process — then share our proposal.

  • Preliminary reconnaissance & scope validation (specific to your organization)
  • Regulation-compliant notification and reporting plan
  • Fast quoting and start-date scheduling
Formu doldurup [email protected] adresine iletebilirsiniz.