Restrike Overview

Restrike moves penetration testing from a point in time activity to a continuous process that organizations integrate into their development lifecycle and CI/CD pipeline. Restrike with a next generation WAF satisfies your penetration testing needs while providing long term coverage, mitigation, and detection capabilities for application layer threats, vulenrabilities, and attacks.

Restrike provides teams with the capability to continuously penetration test their products. Carve Systems creates an API model and performs a traditional penetration test to create a model built with AI* (Actual Intelligence). Teams remediate issues discovered with the penetration testing process and then the pentration test is executed as features are deployed, ensuring fixed bugs stay fixed. Additionally, Restrike discovers new vulnerabilities in traditionally difficult to automate vulnerabilities types: authentication, authorization, and indirect object references. When deployed with a WAF the threat based Restrike penetration test is used to create custom rules for next generation WAFs. 


  • Discover new vulnerabilities
    • Authentication
    • Authorization
    • IDORs (Indirecto Object References)
  • Run on demand
    • Continuous penetration testing for your deployment process
  • Capture new security test cases
    • Build security test cases with framework
  • Very low false positive rate
    • Produce meaningful results that don’t slow development teams down
  • Regression Testing
    • Fixed security bugs stay fixed
  • Model real world attacks
    • Built on API model or real world penetration test
    • Penetration test model generates useful test data to tune your security tools
    • WAF Tuning and Improvement