Pentesting

Our team of pentesters helps companies that want to secure their applications. We advise, test and support you in identifying security gaps and closing them together with you.

Click here

We are convinced that a holistic IT security approach can sustainably protect complex applications and critical infrastructure from hacker attacks. An important component is the penetration test. We examine your web applications and web services, as well as their interfaces, for vulnerabilities and find security holes before others exploit them.

Find and close gaps

Pentesting makes it possible to find and close security gaps and vulnerabilities in software and infrastructure. Our certified experts test your web applications independently of the technology and infrastructure used.

Tailor-made testing concepts

In order to be able to react flexibly and agilely to possible attack vectors, we offer you individual penetration tests. These are optimally aligned to the specific requirements of your web application – whether standard or individual software in a server or cloud infrastructure.

Our way of working

Our approach follows the recommendations of OWASP and the BSI.

Kick-off

Together with you, we get an overview of your requirements, create an individual checklist and define the framework parameters.

Testing

Depending on the framework parameters, we carry out blackbox, greybox or whitebox testing, taking into account the OWASP Testing Guide and the BSI Pentesting Guide.

Documentation German or English

We create a documentation with a description of the weak points, a description for reproduction and offer you advice and support in eliminating the findings.

Presentation on site

Optionally, we present our findings on site.

Re-Testing

Optionally, we re-test all vulnerabilities found.

Our offer

We carry out our pentests on test systems and offer three test variants. After completion of the tests, you will receive documentation with comprehensible solution recommendations, which we will coordinate with you personally if necessary.

Blackbox testing

Advantages of black box testing are:

  • Real attack conditions
  • Less organisational effort

In black box testing, no information (source code, operational or network information) is available to the testers; the team must obtain the information itself. The procedure best simulates an external criminal attack.

Greybox testing

Advantages of greybox testing are:

  • A defined test field
  • Faster tests through known basic information

Our testers are provided with defined basic information and learn what the application specifically does. The source code is not usually made available for greybox testing.

Whitebox testing

Advantages of whitebox testing:

  • Testing of sub-components and internal functioning
  • Comprehensive insights into possible weak points

Our pentesters receive all necessary information, data and source codes of the IT systems as well as knowledge of the internal structures, the architectural principle and the documentation before the test begins. A source code audit does not take place within the scope of a whitebox test.

You wonder
how secure your software is?

Ask us! Thanks to professional pentesting and custom-fit test concepts, we can find out for you – and then define suitable measures.

Sorry, we couldn't find any posts. Please try a different search.

Scroll to Top