For our pentests (penetration tests) we will perform advanced automated Web Application and Network scans as well as a thorough manual test. We will use techniques similar to what a hacker would use to gain unauthorised access. The result will answer the question whether your web application offers sufficient protection against the risks in the OWASP top 10.
Our work ethic
During the pentest we will look at the progress together. We can even temporarily stop a pentest so that you can solve issues and/or vulnerabilities. This will help avoid a second pentest afterwards. This way there are no surprises afterwards.
Phase 1: Assessment
We will assess all aspects of your web application together with you. We will use our security scans to investigate your web application for any known security issues. These can usually be found where there is user interaction.
Phase 2: Pentest
Your web application will be tested for common design, configuration and programming flaws (from the outside), focusing our attention to security related threats from the OWASP Top 10 list. Besides automated tests we will also run an extensive manual test on the components that have been known to be abused by hackers.
Phase 3: Reporting
The pentest report gives a clear overview of findings and recommendations with which you can get started immediately. You will have the opportunity to fix issues and/or vulnerabilities during the pentest, these will be taken into account in the same report.
Before a pentest is performed, an extensive assessment meeting will take place with one of our Security Analysts.
Depending on the size and complexity of your web application, we need an average of 5 days to complete the pentest.
After the pentest we send you a secured report with risks and actions to be taken to improve the security of your web application.
To guarantee security, we will perform monthly security scans for one year after the pentest.
Pentest5 - 7 days
- Assessment meeting
- Automated web application and network scans
- Extensive manual test
- Execution remote, on site if necessary
- Intermediate rescan(s) for found vulnerabilities
- Report with findings and recommendations
- 12 monthly security scans afterwards
Curious about our services?
Are you interested in our pentests or any of our other services? Fill out your details and we will contact you within 24 hours on business days.