Penetration testing involves manually checking IT systems for security gaps. In contrast to the IT security audit, security gaps (e.g. buffer overflows, format string vulnerabilities or simple rainbow table attacks on NTLMv2 authentications, which unfortunately are still often used) are exploited as far as possible, so that a realistic picture of corporate security emerges.
In addition to purely technical IT security, we test other areas such as physical IT security, for example using RFID or Mifare access card tests for doors or security gates. At the end of the day, there is still the residual risk – the human being. We therefore test this risk using social engineering in most penetration tests - this is the only way to create real user awareness.
The only important thing to know is that we don't sell a Nessus or OpenVAS scan report as a penetration test, which is unfortunately becoming increasingly the case. Specific scans are essential, especially for the multi-faceted and complex areas of logistics.
Every company has to be viewed differently and relies on individual protection. If you have already determined your protection requirements using an Information Security Management System ("ISMS"), the depth of the test is based on this procedure. In the field of logistics, it is primarily about fail-safe planning and administration - hardly imaginable if the strategic or operational processes are impaired.
If no ISMS or no complete ISMS has been set up, we determine the depth of the test in a joint (free) appointment and a specially tailored questionnaire in order to be able to submit an offer based on this.
The testing depths vary from simple script kiddie testing to the governmental level. Thus, a penetration test can last between 4 days and several months. The highest priority here is that none of the tested systems are impaired or even fail.
We use cookies, and Google reCAPTCHA, which loads Google Fonts and communicates with Google servers. By continuing to use our website, you agree to the use of cookies and our privacy policy.