Customer Success Story

Circadia Health Completed Full-Scope Medical Device Penetration Testing Within One Week to Support FDA Interactive Review with Akitra PenTest Platform

Name: Akitra
Brand: Akitra

Delivering enterprise-grade penetration testing at startup cost to support medical device regulatory readiness

Circadia Health is a healthcare technology company developing radar-based, contactless remote patient monitoring devices to measure respiratory rate and heart rate.

During FDA interactive review, Circadia Health required independent third-party penetration testing to support cybersecurity validation across firmware, backend APIs, and web applications within a constrained timeline.

Under the leadership of Erhan Ilhan, Head of Quality and Regulatory, Circadia Health engaged Akitra to perform the assessment based on their ability to execute quickly while providing technically rigorous and well-documented results suitable for regulatory review.

The Challenge

In preparation for FDA submission, Circadia Health needed to comply with the FDA’s updated cybersecurity guidance, making independent cybersecurity validation essential. The organization needed to address several regulatory, technical, and operational priorities:

Regulatory Alignment: Meeting new FDA cybersecurity guidance requirements, including documented third-party validation of system security.

Comprehensive Coverage: Testing multiple components like, firmware, API backend endpoints, and web application interfaces.

Time Sensitivity: Circadia Health was operating under tight regulatory timelines with no room for delays.

Vendor Selection Strategy: They need to balance speed, technical depth, and cost-effectiveness when choosing a penetration testing provider.

Execution Continuity: Maintaining momentum during clearance preparation without losing valuable days due to communication or process gaps.

During our interactive review with the FDA, timing was critical. Akitra moved exceptionally fast, going from our initial discussion to delivery of the final penetration testing report in roughly one week. It’s one of the fastest turnarounds I’ve experienced in my career.

Erhan Ilhan

Head of Quality and Regulatory, Circadia Health

Akitra's Solution

To support Circadia Health’s FDA submission readiness, Akitra leveraged its Pentest Platform to deliver a structured, responsive, and technically rigorous engagement:

Rapid Engagement Through the Akitra Pentest Platform: From initial leadership discussion to onboarding, scoping, and final report delivery, the entire engagement lifecycle was streamlined and completed in one week only.

Centralized Multi-Layer Testing Management: Using the Akitra Pentest Services, firmware, API backend endpoints, and web application components were tested under a coordinated, single engagement framework.

Platform-Driven Reporting & Visibility: Akitra delivered structured findings through the Pentest Platform with clear risk prioritization, actionable remediation guidance, and organized documentation suitable for regulatory review.

Collaborative Remediation Tracking: Akitra enabled Circadia’s engineering team to review findings, clarify issues, and track remediation progress directly through structured communication workflows.

The Result

Through the Akitra’s Pentest service, the partnership delivered measurable impact at a critical stage in Circadia Health’s FDA clearance journey:

Accelerated FDA Clearance Timeline: A platform-driven engagement model enabled the full penetration testing lifecycle, from kickoff to final report completed on time. Erhan Ilhan, Head of Quality and Regulatory, Circadia Health commented, “it was a record time in my career.”

Improved Security Across Device & Platform Layers: Identified and remediated vulnerabilities across firmware and application systems, strengthening overall product resilience.

Documented Third-Party Validation for Regulatory Confidence: Structured reporting from Akitra’s Pentest services supported FDA cybersecurity expectations with organized, review-ready documentation.

Consistent, Transparent Engagement Experience: Akitra’s centralized platform approach ensured smooth communication, visibility into findings, and minimal operational disruption.

Akitra conducted testing across our firmware, APIs, and web application and delivered clear, actionable findings. Their support during remediation was strong, and they provided solid technical depth at a competitive cost.

Medical Equipment Manufacturing

Circadia Health is a healthcare technology company that develops radar-based, contactless remote patient monitoring devices to measure heart rate and respiratory rate accurately from a distance.