Detect security gaps in time and protect valuable data

“Hackers” in the service of security

During the Pentest, our experts try to break into your IT system. The aim is to uncover vulnerabilities that could be exploited by real attackers. This can include anything from weak passwords to software bugs. After the pentest, the system administrators receive a report with the gaps found and recommendations to make the IT and systems more secure.

That's how we do it

1. Identify needs

We determine the status quo: What kind of data and applications need to be protected? What special requirements are there? This information is the basis for a tailor-made pentest that determines your individual risk situation.

2. Collecting information

Our security experts collect information, much like a real hacker would. This may include the identification of IP addresses, domains, network topology, and other relevant details. The idea is to make the tests as realistic as possible.

3. Finding weaknesses

Our professionals check various types of vulnerabilities with automatic and manual tests. They try not only to crack passwords, but also to exploit software flaws and bypass security mechanisms. The aim of the test is to identify all potential attack points in the IT systems.

4. Simulate attack

Once vulnerabilities are identified, our security experts try to exploit them to gain access to protected systems, such as customer data. The simulation of a real attack shows how vulnerable the IT system and internal processes are to different threats.

5. Create report

After the test has been carried out, a detailed report is drawn up, listing all the weaknesses found and necessary measures. This report is essential to improve the security of your system and prevent future attacks.

6. Close security leaks

After the penetration test, our security experts will help you to fix the identified vulnerabilities in your IT systems and internal processes, so you are best protected against future attacks.

We uncover vulnerabilities that could be exploited by real attackers.

External penetration test


In the external Pentest, our experts try to penetrate your systems and networks via the web or the Internet. The focus is on the firewall and systems of the so-called Demilitarized Zone (DMZ). The DMZ is a network through which e. g. Web and mail servers can be reached externally. The aim is to detect data access opportunities and leaks. If allowed, our experts will also try to penetrate your internal network via the DMZ.

Internal penetration test


An internal pentest differs from an external penetration test only in the starting point. An internal pentest differs from an external penetration test only in the starting point. An attack from the inside has a greater damage potential than attacks from the outside, as the protection systems have already been cracked. Potential vulnerabilities are insecure system configurations, weak credentials or software with insufficient security patches.

Darknet Monitoring

The darknet is often used for illegal activities such as trading in stolen data or planning cyber attacks. Darknet monitoring looks for hints of potential threats, illegally published access data, company information and other signs of security breaches. We offer you darknet monitoring as a preventive measure to prepare yourself and your IT and information systems in good time for new threats.


Frequently asked questions about Pentests – FAQs

Do I need a pentest as a medium-sized company?
What are the benefits of Pentest for my company?
What is tested in a penetration test?
Should penetration testing be performed regularly?
Why should I perform a penetration test even though my IT department or IT service provider takes care of IT security?

Do you have any questions?
Put your concern in expert hands!

Contact form
Chief Information Officer
Oliver Döring