FAQ

Do you have any questions about our services?

We are here to answer quickly, effectively, and reliably! On this page, you will also find answers to frequently
asked questions about our PenTest process. If you don't find a suitable answer to your specific question here,
feel free to write us a message on our contact page.

• What is penetration testing?

  Also known as PenTest, is penetration testing are planned and permitted attacks on systems to simulate malicious attacks to identify vulnerabilities and potential problems in target systems. Thereby, testers are expected to think and act like real attackers in order to obtain realistic results.

  The attacks are documented, and the results evaluated to provide a risk assessment and necessary actions to address the identified vulnerabilities.

  Learn more

• How does a penetration test proceed?

  First, we jointly define the scope and nature of the tests (scoping) and then submit an appropriate proposal.

  After approval, we start the tests at the agreed time, try to discover vulnerabilities, exploit them if necessary (exploit) and evaluate the possible impact (system takeover, data theft, manipulation, etc.).

  Finally, the customer receives a detailed technical report and a management summary. Both are discussed in a joint debriefing session.

• What kind of time commitment should I expect?

  The time required at the customer/client is usually very low.

  During the tests, the testers act autonomously and would only point out if already identified vulnerabilities indicate imminent danger.

  In total, the effort on the customer side is very manageable and amounts to only a few hours. Of course, this also includes the debriefing.

• What information do I need to provide for a quote?

  In our scoping interview, which lasts about 30 minutes, we discuss the scope of the project.

  Which scenarios should be covered? For this, we need information on whether, for example, we should check your public attack surface, simulate the attacker in the internal network, or specifically test web services or digital products. Of course, we can also combine our services, and check your code for implementation errors or test your physical security or your employee’s resilience against social engineering attacks.

• What documentation will I receive?

  On the one hand, you get a comprehensive and technically detailed report on risks and vulnerabilities with corresponding recommendations for action, and on the other hand, you get a management report where the results are summarized in a less technical way and provided with a risk assessment.

  Click here to see our sample report.

  We delete all information from our systems after a defined period of time.

• How much does a penetration test cost?

  We do not have fixed prices, which means that each customer order is individual.

  We will be happy to make a scoping meeting with you in order to be able to make a tailor-made offer.

  Contact our Team

Still not finding the answers you were looking for?

Just get in touch with our team. We will get back to you as soon as possible to answer the rest of your questions.

Get in touch