Would you like to recognize your IT security gaps in good time? Are you unsure whether your digital infrastructure has weak points? Our cyber security experts check this comprehensively, quickly and with a lot of experience.
A penetration test, or so-called pentest, checks the security of an IT system. If you bring your systems to market quickly, your developers often do not have enough time and sometimes not the knowledge to take care of cyber security. And this is exactly where our services start.
If security gaps are found in systems by hackers, this can quickly have unpleasant consequences. The consequences are manifold: The intruder can paralyze your systems and make them unusable for you and your customers. Sensitive data can be stolen and published. It takes a long time for you to restore all your systems. The hacker can demand a ransom to free the systems again. All of these consequences are detrimental to your business. This can cost you huge sums of money, damage your company's image and scare away customers.
Pentests are usually carried out immediately after the implementation of new infrastructure and applications. Another point in time when pentests are sensibly carried out is when significant changes such as software updates or patches are made.
Among other things, we carry out white box, black box or gray box pentests. The selection of the procedure is based on the level of knowledge and information that the pentester receives from the company at the beginning of the task. In black box pentesting, for example, the tester receives only minimal information about the target system, while in white box testing a high level of information and access was provided by the company in question. This spectrum of knowledge makes different test scenarios possible for different situations.
In order to know the status of the security level of your IT systems, the summarized reports of the penetration test are decisive. This enables you to inform the management of your company about identified security gaps and possible risks. In addition, your IT department receives a list with technical details so that the errors can be corrected promptly.
In the first step, we discuss your expectations and goals and the legal details of a test are clarified. In addition, the type of pentest, the area (s) of the systems and the period are defined.
In the following, we will get an overview of the status of the systems to be examined and define the procedure for the pentest.
In the test, we learn which specific weak points occur at which points and how great the risk at this point is.
The reporting shows you our approach, including the evaluation of the weak points found. In a conversation we clarify the next steps and what options exist to close the weak points.
5 months ago
The Supply Chain Act comes into force at the beginning of 2023 and obliges large companies to document their production chains. Smart contracts and blockchain technology are one way to implement it.
8 months ago
Any weak point in your own IT infrastructure can become a point of attack for a cyber attack with unforeseeable consequences. We therefore offer our Network Security Assessment especially for SMEs without their own IT security department.
a year ago
Companies inevitably have to process personal data in their daily work. The General Data Protection Regulation (GDPR) imposes a number of requirements on data controllers to ensure IT security, which you should take into account.