What is a penetration test?

The Explanation of the question: What is a penetration test

A penetration test (pentest) is a structured attack on IT systems and/or applications approved by a client. During a pentest the same tools are used that a real attacker would use to hack. However, the objective differs from that of a malicious attacker: the hacker is only interested in finding and exploiting a single vulnerability. But the penetration tester has the goal of identifying all vulnerabilities and exploiting them depending on the specific objective. He must analyze the entire attack surface and cannot be satisfied with identifying a single critical vulnerability.

Our Services

Penetration Testing

We offer penetration testing for IT infrastructures, Web Applications, Mobile Apps (iOS and Android) and IoT devices. Our structured pentest approach is based on OWASP, OSSTMM, BSI and PCI DSS.

Performing penetration tests for customer requirements like ISO27001, PCI DSS, KRITIS, i-Kfz, DiGa, Sports Betting Licences or MPA Content Program is a typical task for our certified pentest expert team (OSCP, OSCE, BACPP). Read more..

Security Consulting

We offer consulting services for the implementation of security management topics like ISO27001, PCI DSS, BSI IT-Grundschutz, Incident Response, SIEM or BCM.

Also we consult on implementing specific technical security controls like ModSecurity, Juniper MX / SRX / EX (Junos OS), Snort, Percona XtraDB Cluster,MySQL Galera/MariaDB Galera Cluster or Saltstack (Salt). Read more..