Pentesting
We offer pentests for:
- Web applications
- Mobile applications
- DiGAs (Digitale Gesundheitsanwendungen)
- SaMD (Software a a Medical Device)
What is a penetration test?
The penetration test or "pentest" is used to identify potential gaps for attacks on the entire IT infrastructure, individual IT systems or (web) applications. The same means and methods are used that a potential attacker would use or adopt.
The pentest provides valuable data on the vulnerability status of systems under real conditions and complements an information security management system (ISMS). This is why it is mandatory for digital health applications, for example.
How does a penetration test work?
First, together with the responsible tester, you define the goal and scope of the penetration test. Next, we obtain all the basic information about the system to be tested - just as potential attackers do.
In this phase, we systematically check your system for security risks and evaluate them.
Our IT security experts are now reviewing the vulnerabilities in a targeted manner to identify specific entry points.
All results are now combined into a risk profile of the tested system.
The greatest added value for our customers comes from our detailed report on the weaknesses found and the overview of possible courses of action.
How much does a penetration test cost?
Our basic package is characterized by a fair price and a clearly defined scope. It includes all the steps described, from planning and exploration to a meaningful report.
Only after the basic test has been completed do we decide together with you for each of your products whether additional tests make sense.
We will be happy to send you a quotation: request
Penetration tests for DiGA
The basic test program fulfills the requirements of the DiGAV on penetration testing, but can be individually tailored to your application. You can send our test reports directly to the BfArM as proof.