Penetrationtests

We find the weak points in your systems

Configure PenTest
get advice

What is a penetration test?

A penetration test is a method of checking the security of an application, device or network that mainly considers technical aspects, although organisational security measures are also included.

As a service provider, we typically receive specific access to the systems to be analysed from you as the client. The type and scope of a penetration test depend on your specific requirements, objectives and the size of the infrastructure to be tested. In consultation, we utilise discovered vulnerabilities to gain access to additional systems. This enables us to assess the actual impact and risk potential of these vulnerabilities.

The result provides certainty

As a result of this test, you can be sure whether your hedging and hardening concepts described on paper are also effective in reality or whether you still need to take action.

You will receive a comprehensive report from us which, in addition to a non-technical summary for decision-makers, also contains all the details of the identified vulnerabilities, their impact and exploitability as well as specific recommendations for reducing the risk and eliminating the vulnerability.

A penetration test is worthwhile for your company if
  • you want to know how your IT security is really doing. Trust is good, control is better.
  • you want to protect your assets and data.
  • you want to introduce new hardware or software products.
  • you want to be a trustworthy partner for your customers and suppliers.
  • you want to prevent cyberattacks.
  • They must comply with legal and industry-specific requirements and regulations.
Start PenTest now

Penetration test classification

We differentiate between penetration tests in the following classifications:

Information basis

Realisation

  1. without prior knowledge (black box)
  2. with partial prior knowledge (grey box)
  3. with extensive prior knowledge (white box)
Scope

If the penetration test is the test

  1. an application
  2. of a network
  3. physical access
Aggressiveness

Should the penetration test rather

  1. Aggressive (thus possibly more time-saving)
  2. cautious
  3. Passive
  4. or weighing up

be carried out?

Scope

Should the penetration test completeby factors such as budget limited or focus on specific weak points focus.

Procedure

Should the penetration test be carried out obviously (extensive log entries are not a problem here, the defence lawyers are in the loop) or covertly?

Starting point

Should the test be carried out from outside, from the DMZ or from inside? Is a separate test network provided?

The classifications described here support the targeted preparation of an offer and the planned implementation of the penetration test so that you can place your next order in a targeted manner.

Our PenTest specialisations

OT, IoT and Embedded PenTest

Secure your production!

OT and IoT devices and their applications require special hardening in order not to pose a risk. The supply of updates is often patchy - the devices must not pose a security risk even after a long time without updates.

learn more

Kubernetes PenTest

From containers to clusters: holistic security

Complex container networks and clusters often contain business-critical applications. With a particular focus on the allocation of rights, secure communication and fail-safety, we find the deficits and provide support in eliminating them.

learn more

Active Directory PenTest

Protect the centrepiece of your infrastructure

The Active Directory is one of the main targets of an attacker. Taking over accounts with extensive authorisations gives attackers access to critical core components. We find the weak points in your Active Directory administration and help you to harden your infrastructure!

learn more

Network penetration test

Once in, all gone: How easy is it for hackers on the network?

Secure network transitions and reliable segmentation secure particularly sensitive areas in your company. We find out whether attackers have an easy time in your network.

learn more

Web application PenTest

One application, many possibilities - even for attackers

Web applications, SaaS products and websites are often a lucrative target for attackers not only because of their public accessibility, but also because of the extensive data that the applications access. They therefore require special protection.

learn more

API penetration test

Are your interfaces secure?

Wherever interfaces communicate, it becomes interesting for attackers. We identify the starting points for attackers and offer concrete measures to remedy the situation.

learn more

Cloud & IaaS PenTest

Future-proof infrastructures require future-proof security

The move to the cloud and flexible infrastructures-as-code harbour great opportunities, but also often neglected risks. The cloud is not secure per se, only the attack vectors are different. We find the weak points.

learn more

Cyber Security Assessment

Gain a target-oriented overview of the status quo

Whether you want to gain an initial overview of the status quo of your company's cyber security, minimise the risk posed by a supplier or evaluate a company as part of due diligence, a cyber security assessment provides concrete proof of the current status.

learn more

Secure your IT now!

  • Extensive experience in the field of offensive security
  • Broad experience in the team
  • Highly secure solutions that do not open new doors for attackers

The colleagues at Laokoon were on hand to answer any questions we had and provided uncomplicated support.

Team Leader Development

Penetrationtests

AttackSimulations

Trainings

Further information