Ethical Hacking

Ranging from thorough manual Pen Testing to Red Teaming

Hackers are creative and are often one step ahead of their victims. You can engage our ethical hackers to pen-test your network infrastructure, web and mobile applications, APIs and connections. With their findings, they help you make your digital environment more secure.

Dedicated Hackertime

  • Intake call for time estimation
  • Your unique project for a fixed price

Documented Vulnerabilities

  • Overview of all found vulnerabilities
  • Classified according to criticality

Comprehensive Reporting

  • Full report including all details
  • With executive summary

Clear Recommendations

  • Solution-focused advice
  • Independent and not biased

Company Security Score

  • How you score against hackers
  • Based on criticality of errors

Personalized Debriefing

  • Explained in human language
  • We remain on standby after the test

What can you choose from?

BLACKBOX TEST

  • Pentester has no prior knowledge
  • Full test from outside

TIMEBOX TEST

  • Pentester based on time
  • We penetrate as far as possible

GREYBOX TEST

  • Pentester has partial information
  • Combining external and internal test

BUDGETBOX TEST

  • Pentester based on budget
  • We penetrate as far as possible

WHITEBOX TEST

  • Pentester has full prior knowledge
  • Full test from the inside

RED TEAMING TEST

  • All possible hacking and social engineering techniques
  • We work with predefined objectives

Possible Pentest Targets

Web Applications

Websites, e-shops, portals or CRM systems are a gateway from the Internet to sensitive data. We identify all vulnerabilities and advise on measures to be taken.

Mobile Applications

Mobile apps process sensitive data linked in various ways to other (web) services and systems. We test all possible links of iOS, Android, and Windows apps with or without the corresponding web application.

WiFi

Hackers can easily get in via WiFi. The signal is then picked up outside by criminals so that they can hack remotely and quietly without being noticed.

Software Defined Radio

More and more communication between our systems is wireless. Software Defined Radio (SDR) has increased the risks enormously. We map out everything (think of IoT devices).

ICS-SCADA

Industrial control systems and SCADA are connected to internet and corporate networks but do not have optimal security. We check this thoroughly. 

Compliance Audits

A pen test is often a mandatory part of an ISO 27001 or GDPR certification process. We thoroughly check whether you meet all the requirements.

Cloud Security

Your company works in the cloud. But are the links to your own environment safe? Maybe they create unforeseen security holes?

Company Network

We check whether hackers can penetrate your internal network and also whether malicious employees or visitors can misuse data from within.

Other Hacking Services

Red Teaming

We carry out realistic cyber-attacks, using the latest hacking techniques, to test your security. It is a complete cyber fire drill on the staff and the company network. So that you are prepared for a real attack.

Check-ups

Teleworking and migrations to the cloud allow staff to work flexibly from different locations. In the process, little consideration has been given to security risks. The check-ups detect all security leaks in your cloud environment.

Mystery Guest

How far does an unannounced visitor physically get into your company? We come on-site incognito, test it out and deliver a comprehensive report.

Hack-proof Tools

We have online backups, cyber insurance, the most efficient anti-ransomware scanner and a security score to check the digital footprint of your own company and your suppliers.

Cyber Threat Hunting

Through proactive and in-depth forensic analysis you can check if you have been hacked and if there are systems that leak information.

Criticality and Predefined Bugs

Low urgency (K4)

Criticality from 0 to

Medium urgency (K3)

Criticality from 25 to

High urgency (K2)

Criticality from 50 to

Very critical (K1)

Criticality from 75 to

All tests are performed in a very thorough and professional manner according to the CVSS standard.

Bits and pieces about Penetration Testing

A penetration test, or pen test, is a security test of IT infrastructure by exploiting vulnerabilities in a controlled manner. These vulnerabilities may exist in operating systems, services, application flaws, improper configurations, or risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-user adherence to security policies.

The fundamental purpose of penetration testing is to measure whether systems or end users can be compromised and to evaluate the impact such incidents have on affected resources or activities. You can think of penetration testing as appointing a burglar to see if he can break into your house.

Yes, they evaluate your company's ability to protect its networks, applications, endpoints and users from external or internal hacking attempts. The tests provide detailed information on real, exploitable security risks to proactively identify the most critical vulnerabilities and what actions are needed. By regularly putting your cybersecurity security and security staff to the test, you no longer have to hypothetically wonder what an attack will look like and how you will respond. You will have a clear picture of how your company scores against hackers.

Penetration testing should be performed on a regular basis to ensure more consistent IT and network security management. In addition to regularly scheduled analysis and assessments required by regulatory mandates, tests should also be run whenever: 

  • A network infrastructure or applications are added
  • Upgrades to infrastructure or applications are done
  • Security patches are applied
  • End user policies are modified
  • New office locations are established

Going through the results of pen tests provides a great opportunity to discuss plans going forward and revisit your security posture overall. Additionally, relaying these results with actionable insights to decision makers within the organization will better emphasize the risk that these vulnerabilities pose, and the positive impact that remediation will have on the business. 

While vulnerability scans (100% automated) provide a valuable picture of what potential security weaknesses are present, penetration tests (primarily performed manually) can add additional context by seeing if the vulnerabilities could be leveraged to gain access within your environment. Pen tests can also help prioritize remediation plans based on what poses the most risk.