Overview For Project Managers Application Security Cryptography Penetration Testing Training & Writing Java DE

Security tests, Penetration testing (Pentests)

Technical security tests are an important part for the overall security of a system. It does not depend whether a pure IT system is concerned, like an Internet server, or for instance the remote control of a heating system. All IT-related systems have critical demands on working security measures.

Although security tests do not replace a security process, they must be part of this process. Their results provide very important information about missing security measures or even critical vulnerabilities. As consequence, security testing not only leads to the correction of security flaws but also to adjustments of development and company processes. Hence, corresponding security flaws can be avoided permanently.

For the basic understanding of the expression penetration test, it has to be said that security tests, examination and pentesting are often used simultaneously. However, an actual pentest means the technical examination from a hacker's point of view (hacker/cracker) with the ultimate goal to penetrate a system or otherwise proof a corresponding opportunity.

A pentest without result or without findings is no proof for a system's security. A pentest solely is a form of a random sample which is executed only at a limited time and cannot not make any statement for future changes.

Execution (worldwide)

We are focusing on testing web technologies, web applications and web services. This includes web/online shops, Internet services, cloud applications and other web front-ends and corresponding back-end systems. Moreover, this includes web components as part of integrated products.

Our tests include a standard scan for open services and general vulnerabilities but focus specifically on web application vulnerabilities, for instance SQL Code Injection or Cross-Site-Scripting. Besides the discovery of technical security vulnerabilities, we also provide information about flaws in system architectures and organizational measures like patch management.

Orientation guides

The following links provide a little help for understanding the background of security tests a bit better and provide suggestions for the area of web security in general:

Support in case of Security findings or Security incidents

We offer consulting options for understanding security findings or possible solutions to fix vulnerabilities (Incident Handling).

If hotfixes are necessary, we guide you through the consideration process to find an adequate solution.

Special Services

We also offer further special services. Contact us to talk about the following security activities: