Simply make an appointment online for a non-binding and free initial consultation with one of our employees.Arrange Call
The penetration test for critical IT infrastructure (KRITIS) checks the security of server systems, VPN systems, WLAN networks and firewalls. As a basis for secure applications, the system as well as the Network infrastructure should not be neglected. Automated tools are absolutely necessary for this type of evaluation, but a Detailed understanding of Web-based client/server interaction required to use most of the available tools correctly.
Penetration tests are carried out by our specially trained analysts according to recognised standards. planned, and evaluated.
Penetration tests carried out by us are an agile process and are carried out in close consultation with the customer.
The preparation of the pentest takes place in the context of a kick-off meeting with the technical and organizational responsible persons of your company. The framework conditions to be tested are specified, necessary user accounts and access routes are agreed, contact persons and escalation routes are defined and the pentest is discussed in detail together.
Our analysts try to collect as much information as possible. Based on this information, analysis strategies are developed to identify possible attack vectors. These attack vectors are then examined for vulnerabilities in extensive tests.
In this phase, an attempt is made to actively exploit the identified vulnerabilities in order to gain access to the target systems. Depending on the service or technical environment, our pentester writes new exploits or uses existing ones. Potential vulnerabilities can turn out to be false positives. Only verified vulnerabilities are included in the final report and classified according to their criticality.
You will receive a comprehensive final report consisting of a Management Summary and a Technical Report. The criticality of the weak points and recommendations for action are described in detail.
In this phase, the identified weak points are eliminated by your company. If required, you will be supported by our experienced security engineers.
After the remediation you have the opportunity to have us carry out a follow-up check. Here we check the effectiveness of your measures and adjust the result report.
In this final discussion, all critical points in the results report are discussed and all final questions clarified.
Request a sample report or our service portfolio today. We will be happy to assist you!
The following section describes our test modules. As a rule, the longer our analysts have been able to Web application, the more meaningful the results are. If you have special requirements have, we will be happy to make you an individual offer.