BDDK sızma testi nedir?

BDDK sızma testi, Bankacılık Düzenleme ve Denetleme Kurumu'nun bankalara ve finansal kuruluşlara yönelik zorunlu kıldığı periyodik güvenlik denetimidir. Bu testler, bankacılık sistemlerinin siber saldırılara karşı direncini ölçer ve regülasyon uyumunu belgeler.

EPDK sızma testi ne sıklıkla yapılır?

EPDK düzenlemelerine göre enerji sektöründeki kritik altyapı işletmecileri yılda en az bir kez sızma testi yaptırmakla yükümlüdür. OT/SCADA sistemlerini kapsayan testler özel metodoloji gerektirir.

SPK sızma testi kim için zorunludur?

SPK düzenlemeleri kapsamında aracı kurumlar, portföy yönetim şirketleri ve diğer sermaye piyasası kuruluşları düzenli sızma testi yaptırmakla yükümlüdür.

TSE 13638 sertifikalı firma olmanın avantajı nedir?

TSE 13638 standardı, sızma testi hizmeti sunan firmaların akredite edilmesi için Türkiye'de uygulanan ulusal standarttır. TSE 13638 sertifikalı firmalarla çalışmak, yasal yükümlülüklerin karşılanmasını ve denetim süreçlerinde belgesel güvence elde edilmesini sağlar.

Sızma testi fiyatı nasıl belirlenir?

Sızma testi fiyatı; testin kapsamına, hedef sistem sayısına, test süresine, regülasyon gereksinimlerine (BDDK, EPDK, SPK, TSE, PCI-DSS) ve raporlama derinliğine göre değişir. Netlore Security ücretsiz ön görüşme ile kurumunuza özel fiyatlandırma sunar.

Corporate / Certifications

Corporate · Certifications

Our expertise is certified by independent
accreditations .

International accreditations and the individual certifications of our expert team are independent confirmation of the discipline behind every service we deliver.

ISO/IEC 27001ISO 9001ISO 20000-1TSE 13638

Explore Accreditations Team Certifications

Information Security

ISO 27001

Management assurance for data and customer information

Independently audited

National Qualification

TSE 13638

Penetration testing service qualification certificate

Service Management

ISO 20000-1

Standard for uninterrupted service management

01 — Corporate Accreditations

Compliance with standards, verified by audit

Each certificate is issued following an on-site review by an independent certification body and is maintained through regular surveillance audits.

ISO/IEC
27001:2022View certificate

Information Security Management System

Protection of customer data

The controls governing every piece of data we collect, process and store are secured by a documented system across the confidentiality, integrity and availability triad.

Penetration testingConsultancyTrainingRisk management

Certified by: IFC Global

ISO
9001:2015View certificate

Quality Management System

Repeatable delivery

Process discipline that ensures every project is planned and executed with the same rigor, placing our continuous-improvement commitment within a measurable framework.

Process qualityContinuous improvementCustomer satisfaction

Certified by: IFC Global

ISO
20000-1:2018View certificate

IT Service Management System

Continuous & measurable service

The international standard that structures our SOC and managed security services to be delivered continuously and consistently with defined service levels (SLA).

SOCSLA managementIncident management

Certified by: IFC Global

TSE
13638

Penetration Testing Service Qualification Certificate

Regulation-compliant pentest capability

A national qualification registered by the Turkish Standards Institution; it is the basis of our competence to deliver the penetration tests required by regulators (BDDK, EPDK, SPK).

Penetration testingNational standardRegulation

Certified by: Turkish Standards Institution (TSE)

02 — From Certificate to Value

What does each certificate make possible for you?

Accreditations are not wall decorations. Below you will find what each standard means on the business and compliance side.

Standard

What it means for you

Compliance & use

ISO/IEC 27001

Your data is protected by an audited information security management system.

KVKKBGYSSupplier audit

TSE 13638

We competently carry out the penetration tests mandated by regulatory authorities.

BDDKEPDKSPKTSE

ISO 20000-1

SOC and monitoring services run uninterrupted with defined service levels.

SLA7/24 SOCIncident response

ISO 9001

Whichever project you work on, you receive the same quality and reporting discipline.

Process qualityReporting

03 — Commitment to Excellence

A certificate is not an end, but proof of continuous learning

At Netlore Security, professional certifications are not merely credentials; they represent our team's deep expertise, habit of continuous learning and determination to stay at the forefront of cybersecurity.

We guarantee every member's access to the training, certifications and lab resources needed to deliver world-class service. This investment means our clients benefit directly from the most up-to-date techniques, tactics and best practices.

200+

Training hours / year

Average per expert

Corporate accreditations

ISO 27001 · 9001 · 20000-1 · TSE

10+

Individual certification types

Across offensive, defensive and OT domains

04 — Team Certifications

The people behind the certificates

We have grouped our experts' individual certifications by the discipline they work in.

Offensive Security5 certificates

OSCPOffensive Security

OSWEWeb Expert

eWPTWeb Pentester

eCPPTPro Pentester

CEHEthical Hacker

Defensive & Incident Response2 certificates

GCIHIncident Handler

Security+CompTIA

Industrial (OT/ICS)1 certificates

GICSPICS Security Pro

National & Platform2 certificates

TSE ExpertPenetration Testing

SPLPlatform expertise

Next step

Ready to work with a certified team?

Let's define the right scope for your needs together, clarifying every detail from your regulatory requirements to your technical expectations.

Get a Quote

Offensive Services

Defensive Services

Training & Consultancy

Security & Compliance

Intelligence & Consulting

Products

Critical Infrastructure

Commercial Sectors

Our expertise is certified by independent
accreditations .