We are convinced that a holistic IT security approach can sustainably protect complex applications and critical infrastructure from hacker attacks. An important component is the penetration test. We examine your web applications and web services, as well as their interfaces, for vulnerabilities and find security holes before others exploit them.
Find and close gaps
Pentesting makes it possible to find and close security gaps and vulnerabilities in software and infrastructure. Our certified experts test your web applications independently of the technology and infrastructure used.
Tailor-made testing concepts
In order to be able to react flexibly and agilely to possible attack vectors, we offer you individual penetration tests. These are optimally aligned to the specific requirements of your web application – whether standard or individual software in a server or cloud infrastructure.
Our way of working
Our approach follows the recommendations of OWASP and the BSI.
Kick-off
Together with you, we get an overview of your requirements, create an individual checklist and define the framework parameters.
Testing
Depending on the framework parameters, we carry out blackbox, greybox or whitebox testing, taking into account the OWASP Testing Guide and the BSI Pentesting Guide.
Documentation German or English
We create a documentation with a description of the weak points, a description for reproduction and offer you advice and support in eliminating the findings.
Presentation on site
Optionally, we present our findings on site.
Re-Testing
Optionally, we re-test all vulnerabilities found.
Our offer
We carry out our pentests on test systems and offer three test variants. After completion of the tests, you will receive documentation with comprehensible solution recommendations, which we will coordinate with you personally if necessary.
Blackbox testing
Advantages of black box testing are:
- Real attack conditions
- Less organisational effort
In black box testing, no information (source code, operational or network information) is available to the testers; the team must obtain the information itself. The procedure best simulates an external criminal attack.
Greybox testing
Advantages of greybox testing are:
- A defined test field
- Faster tests through known basic information
Our testers are provided with defined basic information and learn what the application specifically does. The source code is not usually made available for greybox testing.
Whitebox testing
Advantages of whitebox testing:
- Testing of sub-components and internal functioning
- Comprehensive insights into possible weak points
Our pentesters receive all necessary information, data and source codes of the IT systems as well as knowledge of the internal structures, the architectural principle and the documentation before the test begins. A source code audit does not take place within the scope of a whitebox test.
You wonder
how secure your software is?
Ask us! Thanks to professional pentesting and custom-fit test concepts, we can find out for you – and then define suitable measures.
Integrated IT Security with Micromata
No digitization without IT security. We protect your software systems with a holistic approach. For more security in the network.
Micromata member of the ACS
The best way to counter the dangers of cybercrime is together and in a targeted manner. That is why we are also involved in the Alliance for Cybersecurity.
