Penetration Testing

Check your system for security – regularly

IT systems are under attackers' fire every day and are thus exposed to permanent security tests! Apply the attackers' methods and identify the security gaps in your systems. Because only those who know the gaps in their systems can protect themselves effectively and permanently against attacks!

We offer you the expertise you need to adequately secure your

  • Externally and internally accessible infrastructure (networks, servers, clients...)
  • Web applications
  • Mobile applications
  • IoT products
  • Systems and software

as well as all connected devices.

We know the challenges posed by a heterogeneous IT landscape and know how to deal with them. Each product needs its own individual test procedure and places different demands on the penetration testers. With us, you can easily master all challenges.

As part of a penetration test, we conduct controlled attacks and use the methods of the attackers. Security vulnerabilities are identified in a targeted, systematic and methodical manner. However, we do not limit ourselves to the security vulnerabilities that are already known and published, but focus in particular on the previously unknown zero-day vulnerabilities. The complexity of your systems does not play a role for us.

There is no one-size-fits-all solution for security auditing of IT systems and software, because every system is different. This is where the expertise and creativity of our employees come into play. Benefit from this and let us adapt the penetration test to your requirements. It does not matter if it is a small web application or a large infrastructure, because every system has interfaces and every untested system has security vulnerabilities. For example, a company's internally and externally accessible network must also be considered as a separate product, as there are significant differences in testing methods. Open security vulnerabilities in the corporate network mean that attackers can take over your network and connected devices and steal or manipulate data.

Penetration testing is an essential tool in the field of IT security. Product testing is commonplace in all manufacturing sectors of industry. No car hits the road without extensive security testing and no building is constructed without extensive material testing. Unfortunately, however, many IT products - even security products - still enter the market without extensive security testing. Gain a competitive advantage and subject your products to penetration testing at an early stage!

We test product-neutral and vendor-independent. In addition to our experience, we also draw on well-known national and international standards and guidelines, such as:

  • BSI catalog of measures "Catalogue of measures and best practices for the security of web applications".
  • BSI study "Implementation concept for penetration tests"
  • OWASP Testing Guide v4
  • OWASP Top 10 2021
  • OWASP Development Guide v2
  • PCI Data Security Standard (PCI-DSS)

As a result of the penetration test, our clients receive a detailed report which contains, among other things, the following points:

  • A risk assessment of the tested systems
  • A detailed description of the identified security vulnerabilities
  • With the appropriate remediation measures in each case

The final report can be discussed with the customer if desired.

If you want to be sure that your systems are protected against attacks, then contact us!