We are
Cyber Security
CREST Accredited     PCI QSA Qualified
Part of HKEX listed company (Stock Code: 8229)
Maximus Security e-Assessment Service
External Network Vulnerability Scanning Services
Standard Features
DE FACTO Industry standard vulnerability scanning service
130,000+ plugins
50,000+ CVE
PCI/DSS Compliance compatible
Add-on Features
False-positive Elimination
Remediation Support
Results Presentation
Verification Service
Starting from: HK$30,000
Web Application Scanning Service
Standard Features
Scan for common web vulnerabilities, including but not limited to SQL injection, XSS, misconfigurations, unpatched software, and 6500+ additional vulnerabilities
Scan for vulnerabilities on third-party software such as Wordpress, Drupal, osCommerce, etc vulnerabilities
OWASP Top 10 categories identification
Scanning without user accounts (Black-box approach)
Add-on Features
False-positive Elimination
Remediation Support
Results Presentation
Verification Service
Test with 1 level of user account (Authenticated/ Grey-box approach)
Starting from: HK$30,000
Other Security Services
Security Services Available
Mobile Apps Security Assessment
Phishing Attack Simulation
Code Scanning Service
IoT Security Assessment
Cloud Security Assessment
Red Teaming
Thank you for applying Maximus Security eAssessment Service
Your Ticket ID is:
We will send the assessment report to your email once the test is completed. You can contact info@maximusholding.com to know the progress. Please quote above Ticket ID in your enquiry.

User Agreement

Maximus aims to provide complete assessment services to secure our clients' applications and network. We are all experienced professionals knowing how to test our targets without doing harm to our clients. Below are our disclaimer and some advices you need to know and understand before applying our service.


Maximus shall not be responsible or liable for any loss or damage of any sort incurred as a result of the assessment service.

Maximus reserves the rights to terminate the service at any time if violation of agreement was found or any cause of force majeure occurred. Maximus might or might not refund any paid amount by client.


During assessment, we might change the database records or upload testing scripts and files to client's server. It is recommended to do a full backup before the start of assessment.

For shared environment like cloud and virtual hosting, unless client got proper permissions from the environment owner, we might skip assessing the components not owned by the client.

Information we Collect

We collect only the information required to provide the requested service. We do not share provided information with third parties. All information collected would only be used within Maximus. Unless getting user consent or required by law or regulations, we would not disclose the collected information to parties not recognized by our clients.