Penetrationtests
We find the weak points in your systems
What is a penetration test?
A penetration test is a method of checking the security of an application, device or network that mainly considers technical aspects, although organisational security measures are also included.
As a service provider, we typically receive specific access to the systems to be analysed from you as the client. The type and scope of a penetration test depend on your specific requirements, objectives and the size of the infrastructure to be tested. In consultation, we utilise discovered vulnerabilities to gain access to additional systems. This enables us to assess the actual impact and risk potential of these vulnerabilities.
The result provides certainty
As a result of this test, you can be sure whether your hedging and hardening concepts described on paper are also effective in reality or whether you still need to take action.
You will receive a comprehensive report from us which, in addition to a non-technical summary for decision-makers, also contains all the details of the identified vulnerabilities, their impact and exploitability, as well as specific recommendations for reducing the risk and eliminating the vulnerability.
A penetration test is worthwhile for your company if
- you want to know how your IT security is really doing. Trust is good, control is better.
- you want to protect your assets and data.
- you want to introduce new hardware or software products.
- you want to be a trustworthy partner for your customers and suppliers.
- you want to prevent cyberattacks.
- They must comply with legal and industry-specific requirements and regulations.
Our PenTest specialisations
OT, IoT and Embedded PenTest
Secure your production!
OT and IoT devices and their applications require special hardening in order not to pose a risk. The supply of updates is often patchy - the devices must not pose a security risk even after a long time without updates.
Kubernetes PenTest
From containers to clusters: holistic security
Complex container networks and clusters often contain business-critical applications. With a particular focus on the assignment of rights, secure communication and fail-safety, we find the deficits and provide support in eliminating them.
Active Directory PenTest
Protect the centrepiece of your infrastructure
The Active Directory is one of the main targets of an attacker. Taking over accounts with extensive authorisations gives attackers access to critical core components. We find the weak points in your Active Directory administration and help you to harden your infrastructure!
Network penetration test
Once in, all gone: How easy is it for hackers on the network?
Secure network transitions and reliable segmentation secure particularly sensitive areas in your company. We find out whether attackers have an easy time in your network.
Web application PenTest
One application, many possibilities - even for attackers
Web applications, SaaS products and websites are often a lucrative target for attackers not only because of their public accessibility, but also because of the extensive data that the applications access. They therefore require special protection.
API penetration test
Are your interfaces secure?
Wherever interfaces communicate, it becomes interesting for attackers. We identify the starting points for attackers and offer concrete measures to remedy the situation.
Cloud & IaaS PenTest
Future-proof infrastructures require future-proof security
The move to the cloud and flexible infrastructures-as-code harbour great opportunities, but also often neglected risks. The cloud is not secure per se, only the attack vectors are different. We find the weak points.
Cyber Security Assessment
Gain a target-oriented overview of the status quo
Whether you want to gain an initial overview of the status quo of your company's cyber security, minimise the risk posed by a supplier or evaluate a company as part of due diligence, a cyber security assessment provides concrete proof of the current status.
The colleagues at Laokoon were on hand to answer any questions we had and provided uncomplicated support.
Team Leader Development