Online sports betting providers are also our customers, who are subject to regulatory requirements due to their business model. Authorities such as the Darmstadt Regional Council in Hesse have specific requirements for the proof of qualification of the penetration tester or for the structure of the final report.
For example, while in our report we qualitatively evaluate the risk of a vulnerability according to the probability of occurrence of the extent of damage, in these cases we switch to the metric evaluation scheme - the Common Vulnerability Scoring System (CVSS).