Home / Support

All systems operational

How can we help?

Search our knowledge base, browse common topics, or reach our team directly. Most questions are answered within one business day — and clients under an active engagement have round-the-clock access to their team.

// GET SUPPORT

Talk to a human.

No bots, no ticket purgatory. Pick the channel that fits — a senior member of the team is on the other end.

@

Email Support

General questions about our services, proposals, or working together.

[email protected] Replies within 1 business day

Client Portal

Active clients can access deliverables, findings, and retest status securely.

Request portal access 24/7 secure access

Active Incident Response

A priority line for clients with an active engagement who suspect a live breach.

[email protected] 24/7 · priority response

Responsible Disclosure

Found a vulnerability in our own systems? We want to hear from you — safely.

Report a vulnerability Acknowledged within 72 hours

// FAQ

Frequently asked questions.

Use the search above to filter, or expand a question below.

What types of security testing does Dataim offer?
We deliver the full offensive spectrum: red team operations, network and infrastructure penetration testing, web and API assessment, mobile and thick-client testing, cloud and Kubernetes review, source code review, and dedicated vulnerability research. See Services for detail.
How long does a typical engagement take?
It depends on scope. A focused web application test is often 1–2 weeks; a full-scope red team campaign can run 4–8 weeks. We give you a clear timeline in the statement of work before anything starts.
How do you scope and price an assessment?
We start with a short scoping call to understand your goals, environment, and constraints, then provide a fixed-price statement of work. Ongoing needs are usually served by a retainer. There are no surprise hourly charges.
Will testing disrupt our production systems?
We agree rules of engagement up front, schedule intrusive activity to suit you, and can work against staging or under assumed-breach scenarios. Safety of your systems and data is a first-class constraint, not an afterthought.
What do your reports include?
An executive summary, a prioritized list of findings ranked by real business impact, reproducible evidence and steps, root-cause analysis, and pragmatic remediation guidance your engineers can act on. We walk your team through it live.
Do you offer remediation support and retesting?
Yes. We partner with your engineers through remediation and re-test fixes to confirm they hold under pressure — retesting of in-scope findings is included with every engagement.
Can you work under our compliance requirements (SOC 2, PCI DSS, ISO 27001)?
Absolutely. We routinely deliver assessments mapped to SOC 2, PCI DSS, ISO 27001, and similar frameworks, and can provide attestation letters and evidence packages for your auditors.
How do you handle our sensitive data and findings?
Engagements run under NDA. Findings are encrypted in transit and at rest, shared only through our secure client portal, and retained per a data-handling policy we agree with you. Your results are never used in our marketing.
How do existing clients access reports and the portal?
Active clients receive secure portal credentials at kickoff. If you need access restored or a new team member added, email [email protected] from a verified address.
How do I report a vulnerability in Dataim's own systems?
Through our responsible disclosure program — email [email protected] or see our security.txt. We acknowledge reports within 72 hours and operate a good-faith safe harbor.

// RESPONSIBLE DISCLOSURE

Report a vulnerability.

We hold our own systems to the standard we hold our clients' to. If you have found a security issue in Dataim's infrastructure or services, we want to know — and we will treat you well for telling us.

  • Email [email protected]Our published contact is also in /.well-known/security.txt.
  • We acknowledge within 72 hoursAnd keep you updated through triage, fix, and disclosure.
  • Good-faith safe harborWe will not pursue action against researchers acting in good faith under this policy.
  • Coordinated disclosureWe agree a reasonable timeline with you and credit your work if you wish.

Please do not access or modify other users' data, degrade our services, or run automated scanning that impacts availability.

Still stuck?

If you could not find what you needed, our team is one message away.