Are you wondering whether your IT systems and applications are secure? Can a hacker infiltrate your network? We will step into the shoes of a malicious attacker, penetrating your defense and identifying security vulnerabilities. For that we will gather information, use professional tools and techniques and find creative solutions to circumvent your security measures. This is called a penetration test (pentest), performing a real attack while coordinating it with you.
A penetration test is a structured attack against IT systems or applications to find security weaknesses and flaws. During a pentest the same tools and techniques are used, which a real attacker would use to infiltrate your systems. It is always a combination of security tools and manual tests to find and exploit a vulnerability. Whereas a real attacker only needs to find and exploit a single vulnerability, a penetration tester will check all common attack vectors. A penetration test reveals if a real attacker would be able to inflitrate your systems.
We specialize in penetration testing of web applications and IT infrastructures. Our penetration testing approach is based on OSSTMM and OWASP Testing Guide and also meets the requirements of the Payment Card Industry Data Security Standard. Using a structural approach for penetration testing is a key success factor to get repeatable results. After the test itself, you will receive a detailed report. These pentests reports contain a management summary and a technical description of all identified vulnerabilities.
Performing a penetration test is always a compromise between its security insight potential and its costs. A typical pentest shows a good balance of these characteristics, delivering very import security insights. The cost of a balanced penetration test is determined primarily by the scope of application and/or size of the IT infrastructure, and depends on the penetration tester's time-effort to examine his target. Whereas a pentest for a small web application will take approximately a day, penetrating a complex IT infrastructure with multiple servers and applications can take weeks. Nevertheless most medium-sized web applications can be tested in a week or less.
For a valid estimate we need information about your web application or infrastructure. Providing some form of access to the web application to get a impression of its compexity and providing basic information about the underlying framework or programming language will help us making you an exact offer. If the penetration test is about an IT infrastructure, you need to send us the corresponding network or ip addresses. In this case we will conduct a simple and non-invasiv network scan in order to get a good estimate. After conducting our cost estimation you will receive a comprehensive offer.
To make you an offer, please get in touch with us. If you have any further question, please do not hesitate to contact us.
Do you have questions about our service? Do you like to get an offer? Just get in touch with us. Please use our contact form or call us +49 69 2475607 0.
As a PCI DSS Level 1 certified payment service provider, we recommend binsec as a service provider for penetration testing without reservation. The conducted penetration tests allowed us to improve our level of security even more. Th reports are very professional, detailed and comprehensible, and focused on target groups. The Management Overview, including a detailed risk assessment, provided us a quick and well-targeted overview.