Once in, all gone: How easy is it for hackers on the network?

Network penetration test

Network penetration test

Our core business and passion: We check demand-orientated your systems and applications in the network, document the current status and show you where you can position yourself better.

What is the difference between a network penetration test and a vulnerability scan?

An automated vulnerability scan is a process in which a computer programme is used to automatically check a network or system for vulnerabilities.

In contrast, a manual penetration test involves an experienced security expert performing vulnerability tests manually using various techniques to identify potential vulnerabilities in a system or network.

A key difference between the two methods is that an automated vulnerability scan uses a computer programme to check the system, whereas a manual penetration test is carried out by a human expert. This means that a manual penetration test is usually more precise and comprehensive, as it is carried out by an experienced security expert who is able to recognise and assess complex threat scenarios.

Penetration test classification

There are various parameters that can be agreed before carrying out a penetration test. They all have their pros and cons.

Realisation

  1. without prior knowledge (black box)
  2. with partial prior knowledge (grey box)
  3. with extensive prior knowledge (white box)

If the penetration test is the test

During a penetration test, we check your technical and organisational security measures, with a clear focus on the technical aspects.

Should the penetration test rather

  1. Aggressive (thus possibly more time-saving)
  2. cautious
  3. Passive
  4. or weighing up

be carried out?

Should the penetration test complete, by factors such as budget limited or focus on specific weak points focus.

Should the penetration test be carried out obviously (extensive log entries are not a problem here, the defence lawyers are in the loop) or covertly?

Should the test be carried out from outside, from the DMZ or from inside? Is a separate test network provided?