Cost-effective, early detection of current security vulnerabilities. Using professional scanners, we identify weaknesses in your applications and systems.
A rapid test allows individual applications as well as larger IT infrastructures to be automatically checked for known vulnerabilities. According to the German Federal Office for Information Security (BSI), software vulnerabilities are often the first entry point for system compromises and should therefore be regularly assessed.
A rapid test with Berlin Cert not only helps identify vulnerabilities but also supports you in evaluating risks and prioritizing IT security measures.
While vulnerability scans are an essential part of your IT security, they do not replace comprehensive penetration tests. If a thorough security assessment is required, we recommend conducting a manual penetration test.
Procedure
The IT security experts at Berlin Cert examine your applications and IT infrastructure using the BSI-recommended Greenbone OpenVAS vulnerability scanner. OpenVAS is updated daily and includes more than 120,000 vulnerability tests.
The automated assessment is customized to your IT environment and validated by our experts.
At the end of the assessment, you receive a detailed report of the findings, along with a comprehensive personal discussion of the identified vulnerabilities.
Once the audit is complete, a comprehensive report is generated containing all relevant findings and results. This report is made available to the parties involved, and all information contained therein is treated as strictly confidential. The report categorizes the vulnerabilities found according to their criticality and explains the risks using examples. It also includes recommendations for general and specific security measures to remedy the vulnerabilities identified.
Test mark:
As proof that you have carried out an audit, you can obtain a test seal. This shows your stakeholders that you take the security of your website/company/applications seriously.
The security process
“Information security is not a state that is achieved once and then remains constant, but rather a process that must be continuously adapted.”
An IT security audit is a snapshot that objectively evaluates your security at the time of the audit. Since companies' IT systems and security threats are subject to constant change, it is strongly recommended that independent audits be conducted at regular intervals.
According to the BSI, without regular reviews, the effectiveness of organizational and technical protective measures cannot be guaranteed in the long term [1]. Even though security reviews can never completely guarantee that all vulnerabilities will be detected, they significantly increase the security level of your applications and systems, as well as the trust of your stakeholders.
