Hacking attempts to identify and exploit one or more vulnerabilities. The classic goal of hackers is to infiltrate and compromise their victim. Penetration testing aims to identify all existing vulnerabilities in an IT application, an IT system or a company and then try to exploit them successfully. The techniques and tools used are identical, but the structural approach and the final goal are different. A hacker may be satisfied with the successful exploitation of a single vulnerability, a penetration tester only when he has analyzed the entire attack surface.
We offer penetration testing for IT infrastructures, Web Applications, Mobile Apps (iOS and Android) and IoT devices. Our structured pentest approach is based on OWASP, OSSTMM, BSI and PCI DSS.
Performing penetration tests for customer requirements like ISO27001, PCI DSS, KRITIS, i-Kfz, DiGa, Sports Betting Licences or MPA Content Program is a typical task for our certified pentest expert team (OSCP, OSCE, BACPP). Read more..
We offer consulting services for the implementation of security management topics like ISO27001, PCI DSS, BSI IT-Grundschutz, Incident Response, SIEM or BCM.
Also we consult on implementing specific technical security controls like ModSecurity, Juniper MX / SRX / EX (Junos OS), Snort, Percona XtraDB Cluster,MySQL Galera/MariaDB Galera Cluster or Saltstack (Salt). Read more..