Penetration Tests

Our pentesters find your
IT security vulnerabilities - all of them!

 

Highly qualified team of experts:
More than 50 years of pentest experience - over 100 pentests per year!

Result reports above-average quality standard.

Clear and easy-to-understand recommendations for action -
quickly implementable even for non-savvy users!

So-called "automated penetration tests" are not accurate penetration tests but merely vulnerability scans with a misleading name. With our penetration tests, you achieve a comprehensive picture of how you are positioned in the face of real attacks. In addition to technical information on vulnerabilities and their remediation, we also highlight the specific threats to your operational business and provide strategic recommendations for measures to improve your security level sustainably.

Clemens Rambow Offensive Security Consultant, secion GmbH

Data, Facts Backgrounds!

The eight most frequently asked questions about penetration testing.

1. Which pentest procedures does secion offer?

We offer all variants of penetration testing. In addition to the white box, black box, and grey box audit methods, this also includes, for example, the internal perpetrator simulation, the social engineering audit, the phishing simulation, and red teaming. As part of a full-scope security audit, we examine technical aspects and the crucial elements of your physical, organizational, and process-related IT security.

2. Do secion pentesters have meaningful certifications and proof of experience?

Yes, our Offensive Security Consultants not only possess meaningful certifications (e.g. OSCP, OSCE, OSWE), but also ensure and continuously expand their market-leading level of competence through regular training and internal research. In addition, we base our test procedures on established standards and security research projects (e.g. PTES, OWASP) and adapt them to developments in IT security research at any time.

3. What is the more suitable pentesting method for my company? - Externally or internally (for example as an internal perpetrator simulation)?

Basically, this depends on the points in your company at which attackers can achieve success or penetrate most quickly. Internal networks often have no or barely functioning mechanisms for attack detection, carelessly maintained or undocumented systems, and far too generous authorization assignment. If such IT security gaps exist, it is very easy for attackers to gain control of the entire IT environment in a short time. In order to give you a valid statement of which procedure is suitable for you, please contact us via our contact form.

4. How long does a pentest take and how much do I have to invest for it?

The scope and investment level depend on the type of inspection and the infrastructure to be inspected. Contact us for further information.

5. Do I have to expect restrictions in the availability of my systems if I have a pentest carried out by secion?

No. Our IT security checks are carried out by our experts in such a way that no impairment of your IT infrastructure takes place or is to be expected. For further information, please contact us.

6. Does secion also provide me with proof of the pentest that I can use as an advertising measure for my clients and customers?

Yes, we will be happy to provide you with written proof of the quality level of your IT security as part of a retest, which you can use flexibly for your marketing.

7. Is there a face-to-face discussion of review results in addition to documentation of results?

Yes. The results of our audits not only include detailed documentation of your vulnerabilities and the exact remediation measures, but also go well beyond the industry standard in scope. At secion, this always includes a personal meeting and discussion of your findings in order to provide you with an optimal knowledge transfer for optimizing your IT security.

8. Can I also have secion perform non-technical IT security checks, for example social engineering audits or a phishing simulation?

Yes. Through a social engineering audit and phishing simulations, our IT security experts provide you with a precise catalog of measures to increase your IT security at a non-technical level, such as concerning the IT security awareness of your employees. In addition, it often makes sense to combine an internal perpetrator simulation with social engineering elements to test compliance with internal policies or the effectiveness of your physical protection measures.

We commissioned secion's cybersecurity experts to conduct a penetration test. Among other things, they checked provided services accessible via the external IP addresses at the time of the tests. By implementing their recommendations to eliminate the identified IT vulnerabilities, we could significantly increase our security level.

Markus von Oppenkowski Deutsche Tamoil GmbH

Increase your company's resilience now with a penetration test! Our security consultants will be happy to inform you!

Call us at: +49 (0) 40 / 38 90 71 – 0 or send us an e-mail: info@secion.de

How much does a penetration test cost?

Download our whitepaper on this topic now!

By clicking on the "Read whitepaper now!" button, you confirm that you have read our privacy policy. You consent to the use of your personal data for the purpose of contacting you by secion GmbH.