CMC Telecom – Pentest Team of the Year

Nominated in the Category:

Additional Info

Nominee’s NameCMC Telecom
Company / OrganizationCMC Telecom
Company size700-999 employees
CountryVietnam
World RegionAsia
Websitehttps://cmctelecom.vn/en/

NOMINATION HIGHLIGHTS

CMC Telecom’s Penetration Testing Team is composed of some of Vietnam’s most elite cybersecurity experts – highly trained professionals with extensive hands-on experience in simulating, detecting, and mitigating modern cyberattacks across critical digital infrastructures.
Key Highlights:
• The team holds globally respected certifications such as OSCP, OSEP, OSWE, CRISC, and CREST, and includes members consistently recognized in the Hall of Fame by Apple, Microsoft, Bugcrowd, and Synack, underscoring their world-class expertise.
• Actively engaged in global security communities, CMC Telecom’s PentestTeam supports incident response efforts and contributes to strengthening the cybersecurity landscape in the digital era.
• Conducts hundreds of penetration tests annually for banks, telecom operators, energy companies, e-commerce platforms, and manufacturing sectors both in Vietnam and internationally, strictly adhering to standards such as OWASP, NIST SP800-115, OSSTMM, PTES, SANS, and customer-specific industry benchmarks.
• Developed an in-house penetration testing toolkit tailored to different system architectures and business verticals, enabling detection of deeply hidden vulnerabilities and the simulation of advanced attack vectors (e.g., APTs, phishing, privilege escalation).
• Specialized in zero-day vulnerability research and security assessments for cloud-native environments, APIs, AI/ML applications, and OT/IoT infrastructures.
• Practical insights from penetration tests are directly integrated into the CMC Comprehensive Security Platform (CCSP), enabling clients to gain a full-spectrum view of their security posture and proactively strengthen their defenses.
Tangible Impact:
CMC Telecom’s Penetration Testing Team not only identifies vulnerabilities before adversaries can exploit them, but also acts as a strategic cybersecurity partner – empowering clients to build proactive cyber defense capabilities and a resilient security architecture aligned with digital transformation objectives.