What is a penetration test?
A penetration test is an organised attack on IT systems or
IT applications to identify possible vulnerabilities.
Pentests use the same tools and techniques that real attackers
would use to break into a system.
A penetration test always includes the use of security tools and
carrying out manual tests to uncover vulnerabilities.
But while a real attacker only needs to find and exploit
one vulnerability, a penetration tester checks
all relevant attack vectors.
A penetration test thus reveals whether a real attacker
would be able to infiltrate your IT applications or IT systems.
Our pentest approach
We specialise in penetration testing for IT systems,
web applications, mobile apps and IoT devices.
Our approach is based on the OSSTMM specifications as well as
the OWASP Testing Guide and, if requested by the client,
also complies with the requirements of the PCI DSS.
Having a structured approach is one of the most important factors
to be able to deliver reproducible results.
After completion of the test, you are given a detailed report.
The report includes both a management summary and a
technical report about all identified vulnerabilities.
Cost of pentests
Pentests are always a compromise between effort and cost.
Successful pentests offer a good balance between these criteria
to facilitate the testing of all relevant attacks and attack vectors.
The cost of such a test always depends on the time the
penetration tester spends and on the extent and complexity
of the IT system or web applications.
While a penetration test for a small application takes only
about a day, it can take several weeks for a large network.
However, most tests can be carried out in less than a week.
Binding offers require prior information about the systems and
applications that are to be examined.
It is important that we get an initial impression of the target.
For web applications, for example, test access can be helpful.
Any additional information, e.g.
the framework etc., can make it easier for us to draft
a suitable offer for you.
If you need us to pentest an IT system, we will need the
corresponding network addresses in advance.
In this particular case, we will first perform
a non-invasive network scan to get a first look at your network.
We will provide a detailed offer once we can estimate
the effort required.
Please get in touch with us if you would like to get a formal quote or
if you have any questions.
Of course. Please contact us for a quote and a sample report.
If you fix the vulnerabilities within a reasonable amount of time,
we would be glad to retest at no additional cost.
Contact us for penetration testing
Do you have a question about our service?
Do you need a quote?
Use our contact form
or call us at +49 69 2475607-0.