Search
Our services

Penetration Tests

We have long-standing experience in the field of audits and penetration tests. Our consultants regularly attend international hacker conferences and carry out research for vulnerabilities. This allows us to not only examine your IT solutions for potential security risks on a conceptual level, but we can also detect the technical and organizational vulnerabilities that actually exist and evaluate them appropriately.

We know the latest attacking techniques and methods and regularly find unknown vulnerabilities in malware. Depending on your needs, a penetration test can go far beyond a standard scan. This is why we detect vulnerabilities in supposedly secure systems and applications time and time again that other auditors have overlooked.

Thus you can be sure to find your vulnerabilities and close the gaps before an attacker can find and exploit them.

Technical Reviews

Source Code Reviews

In the context of source code reviews, the source code of web applications, mobile apps, fat clients etc. is examined for security flaws.

Assessments of Mobile Apps

Security assessments of mobile apps for the iOS and Android operating systems

Assessments of Mobile Endpoints

Such assessments simulate an attacker with physical access to the endpoint to be assessed (e.g., laptop, smartphone).

Assessments of Special Devices, Embedded Systems and Customer Products

These include assessments of IoT devices, home automation and components in the environment of ICS (industrial control systems).

Security of Web Applications, Web Services and Portals

Security assessment on the application level for any kind of web application like customer portals, web shops, HR portals, online banking, intranet, etc.. The assessments are carried out on the basis of common standards.

Banner für Penetrationstest

In-Depth Reviews

Red Team Exercises
Simulation of real attacks: How well can employees, infrastructure and physical security measures withstand the attacks? Our red team projects are designed very individually and are also carried out in accordance with requirements such as TIBER upon request. More information can be found here.

War Games (Red Team vs. Blue Team)

These projects serve as a training for the customer’s SOC. They are aimed at evaluating and improving the detection capabilities and efficiency of the blue team.

Social Engineering

Using different social-engineering techniques, we try to access sensitive company data or IT systems. Various social-engineering scenarios are run through in agreement with the customer.

Insider Analyses

Such assessments simulate an insider (an intern or employee, for instance). They aim to identify the vulnerabilities and risks that exist from the perspective of an insider.

Configuration Analyse

Assessments of the System Security and Hardening of Servers and Endpoints

These kinds of assessment aim to identify security-relevant misconfigurations or vulnerabilities on the operating system level that enable attacks or make them easier.

Configuration Analyses of Azure, AWS and Google Cloud Environments

Our consultants inspect the configuration of the respective cloud environment and evaluate it with regard to security-relevant settings.

WLAN Reviews/Audits

Assessment for threats and vulnerabilities of the WLAN infrastructure and the WLAN components involved

Conceptual Reviews

ISMS Assessments, Reviews of Processes or Guidelines

Data Protection Audits in the Context of IT Security

Structural Analyses of DMZ Structures and Network Reviews

Conceptual examination of existing network architectures (e.g., DMZ)

Do you want to protect your systems? Get in touch with us.
Search
Search