Our Pentesting reduces the Risk of a successful Cyber Attack on your Web Applications
In 2020, the number of attacks from the Internet increased by 424 %, and mostly web applications are affected. To protect your web applications from potential hacker attacks, we offer needs-based web application security. Our experts support you in optimally securing your web applications to prevent data theft and cyber attacks. They review existing security measures, identify risks and vulnerabilities to best protect your applications and sensitive customer data as well as internal corporate networks.
You receive a detailed report on your individual safety situation. We provide you with detailed recommendations for action and help with implementation if required.
Web security standards are required in many industries or business sectors. With our reports on the analysis and optimization of your data security, you meet these legal requirements.
Expertise and state-of-the-art technology ensure optimal protection for your web applications. Secure, up-to-date, reliable.
We are a GDRP compliant company that is ISO 27001/9001 certified.
What do we provide for your security?
We customize our offer individually to your needs – from the well-known OWASP Top 10, to SQL Injection, to Access Control or Cross-Site-Request-Forgery. You can find an overview of our services here:
OWASP Top 10
- Broken access control
- Cryptographic failures
- Insecure design
- Security misconfiguration
- Vulnerable and outdated components
- Identification and authentication failures
- Software and data integrity failures
- Security logging and monitoring failures
- Servers side request forgery
- SQL injection
- Directory traversal
- Command injection
- Business logic vulnerabilities
- Information disclosure
- Access control
- File upload vulnerabilities
- Server-side request forgery (SSRF)
- XXE injection
- Cross-site scripting (XSS)
- Cross-site request forgery (GSRF)
- Cross-origin resource sharing (CORS)
- DOM-bases vulnerabilities
Does the service also scan single-page applications?
Yes. The service scans modern web applications, including single-page applications.
How often is new security-related information added to the service?
Our service is updated daily with the latest security information.
Does the service include source code review?
No. The source code will not be checked.
How should we classify our technical approach?
This is a “black box” test, which means that the tester has no knowledge of the application’s internal architecture or code. This corresponds to the approach of a potential attacker.