Enya Security
Request an audit
FAQ

All the answers
to your questions

Want to understand how a cybersecurity audit works? Find answers to the most frequently asked questions here.

General Process Technical Pricing Data After the audit

General

Could the audit disrupt my business?

No. Enya Security audits are carried out on a read-only basis. No changes are made to your database or systems during the engagement. The goal is to observe, analyze, and identify risks without interrupting your operations.

Do you work remotely?

Yes. Most audits are carried out remotely through secure access (VPN, SSH, cloud console, or screen sharing depending on your environment).

Who are your services for?

Mainly:

  • Small businesses
  • Medium-sized businesses
  • Local authorities
  • Associations

Process

How does an audit unfold?
  1. 1 Initial call (10 minutes)
  2. 2 Quote approval
  3. 3 NDA signed
  4. 4 Rules of Engagement signed
  5. 5 Technical audit
  6. 6 Report delivered
  7. 7 Results presentation
How long does an audit take?

It depends on the scope. On average:

  • Express: a few hours
  • Standard: 1 to 2 days
  • Premium: 2 to 4 days
Will I receive a report?

Yes. Every engagement results in a detailed report including:

  • Vulnerabilities identified
  • Their criticality level
  • Observed evidence
  • Remediation recommendations
  • An overall risk score

Technical

What types of databases do you audit?
  • MySQL
  • MariaDB
  • PostgreSQL
  • MongoDB
  • SQLite

As well as the main compatible cloud services.

Do you audit AWS, Azure, or Google Cloud?

Yes. When the database is hosted in the cloud, a dedicated module covers network exposure, IAM access, backups, encryption, logging, and other controls suited to cloud environments.

Do I need to give you administrator access?

No. Read-only access is preferred whenever possible.

Pricing

How much does an audit cost?

Pricing depends on:

  • The number of databases
  • The type of hosting
  • The modules required
  • The tier chosen

Check out the Pricing page or request a free quote.

Are there any hidden fees?

No. The quote specifies the scope and any additional modules before the engagement begins.

Confidentiality

Does my data stay confidential?

Yes. A non-disclosure agreement (NDA) is signed before any engagement begins. All technical information is handled confidentially, and data collected during the audit is destroyed after the engagement in line with the agreed commitments.

Do you keep access to my systems?

No. Access provided is used solely to carry out the engagement and is then removed following the agreed procedure.

After the audit

Are you responsible for fixing the issues?

No. Enya Security performs audits and provides recommendations. You remain free to:

  • Make the fixes in-house
  • Hand them to your IT provider
  • Or use any other provider of your choice
Can you verify that the fixes were made?

Yes. A post-remediation verification service is available to confirm that the recommendations have been properly implemented.

DIDN'T FIND YOUR ANSWER?

Get in touch.

We typically respond within 24 hours.

Contact us