BDDK sızma testi nedir?

BDDK sızma testi, Bankacılık Düzenleme ve Denetleme Kurumu'nun bankalara ve finansal kuruluşlara yönelik zorunlu kıldığı periyodik güvenlik denetimidir. Bu testler, bankacılık sistemlerinin siber saldırılara karşı direncini ölçer ve regülasyon uyumunu belgeler.

EPDK sızma testi ne sıklıkla yapılır?

EPDK düzenlemelerine göre enerji sektöründeki kritik altyapı işletmecileri yılda en az bir kez sızma testi yaptırmakla yükümlüdür. OT/SCADA sistemlerini kapsayan testler özel metodoloji gerektirir.

SPK sızma testi kim için zorunludur?

SPK düzenlemeleri kapsamında aracı kurumlar, portföy yönetim şirketleri ve diğer sermaye piyasası kuruluşları düzenli sızma testi yaptırmakla yükümlüdür.

TSE 13638 sertifikalı firma olmanın avantajı nedir?

TSE 13638 standardı, sızma testi hizmeti sunan firmaların akredite edilmesi için Türkiye'de uygulanan ulusal standarttır. TSE 13638 sertifikalı firmalarla çalışmak, yasal yükümlülüklerin karşılanmasını ve denetim süreçlerinde belgesel güvence elde edilmesini sağlar.

Sızma testi fiyatı nasıl belirlenir?

Sızma testi fiyatı; testin kapsamına, hedef sistem sayısına, test süresine, regülasyon gereksinimlerine (BDDK, EPDK, SPK, TSE, PCI-DSS) ve raporlama derinliğine göre değişir. Netlore Security ücretsiz ön görüşme ile kurumunuza özel fiyatlandırma sunar.

Sectors / Government & Public Sector

Sector · Government & Public

We secure public services and citizen data to national standards.

Penetration testing and consultancy aligned with the national cybersecurity framework for e-government platforms, critical public infrastructure and sensitive state information.

National StrategyE-Government GuideTS ISO 27001Critical InfrastructureKVKK

Request a Security Briefing See the Solutions

Sector Profile

Government & Public Sector

Compliance framework

National Cybersecurity Strategy and Action Plan · E-Government Guide · TS ISO 27001

Priority threats

State-sponsored APT · citizen data breach · critical service disruption

Critical assets

E-government platforms · public data centers · legacy systems

Data scale

Personal data of millions of citizens

01 — Sector Challenges

Accountability to citizens

Public institutions must protect both the continuity of citizen services and sensitive state information at the same time.

Critical Infrastructure & E-Government

Ensuring the uninterrupted continuity of e-government and critical public service systems.

Citizen Data

Protecting the confidentiality of the personal and sensitive data of millions of citizens.

APT Attacks

Being a priority target of state-sponsored advanced persistent threats (APT).

Legacy Systems

Vulnerabilities of unpatchable legacy systems and the need for modernization.

02 — Sector-Specific Solutions

Security assessment for public institutions

Specialized support across every layer — from citizen services to critical infrastructure.

E-Government Security

Comprehensive penetration testing of electronic public service platforms and citizen portals.

Critical Infrastructure Testing

Security assessment and resilience testing of critical public systems.

Data Center Security

Physical and cyber security assessment of public data centers.

APT Defense & Red Team

State-sponsored advanced threat simulation and defensive capability testing.

Legacy System Security

Security analysis of legacy systems and prioritized modernization recommendations.

Incident Response & Exercises

Preparing cyber incident response plans and exercising them with realistic scenarios.

03 — Compliance & Standards

The national framework of public sector security

National Cybersecurity StrategyAssessment aligned with the National Cybersecurity Strategy and Action Plan.

Critical InfrastructureSecurity testing within the scope of critical infrastructure protection requirements.

E-Government Security GuideCompliance with the security guide for public information systems.

TS ISO/IEC 27001Information security management system standard (national adaptation).

NIST / ANSSIInternational public sector security frameworks (reference).

Contact

Secure your public services

Get a security briefing for your critical infrastructure and e-government systems.

Request a Security Briefing

Offensive Services

Defensive Services

Training & Consultancy

Security & Compliance

Intelligence & Consulting

Products

Critical Infrastructure

Commercial Sectors