Mit Penetration Testing die Sicherheit Ihres Unternehmens oder Embedded & IoT Devices testen
What is a Penetration Test?
During a penetration test, your IT systems are checked for security holes and vulnerabilities. Known security gaps have already been exploited to the greatest possible extent, so that a realistic picture of IT security emerges from the frequency of these.
Cyber attacks can not only disrupt or destroy your IT systems and IT infrastructure, but also result in financial or reputational damage.
If a protection needs analysis has already been carried out by an ISMS, the penetration tests are based on these results.
If this is not the case, we determine the depth of testing for a penetration test in a specially tailored question catalog.
The situation is similar with embedded devices that are located in an IoT network, e.g. a vehicle, an aircraft or a production line. Here, the penetration test is performed specifically to the OEM’s requirements or after analysis of the system.
The execution of a penetration test is basically done according to the procedure model of the Penetration Testing Execution Standard (PTES)”:
Information Gathering
Threat Modeling
Vulnerability Analysis
Exploitation
Post-Exploitation
Reporting
Especially the reporting at the end is an important step that concludes a penetration test.
The customer receives the results of the tests and the corresponding solution options presented in a comprehensible way and can react accordingly.
Our services, your advantages:
Review of the Security Level
You have already defined security levels in your development or production?
We check their compliance and can support you with suggestions for improvement if required.Technical Audit
You need an overview of your IT security through an independent external audit.
We identify potential system vulnerabilities.Determination of Security Measures
After a review of your systems, we provide recommendations for security measures.
These lead to a long-term increase in the security level of your organization or products.
Frequently Asked Questions
- Penetration testers examine the IT or IoT and embedded devices of the commissioning companies for security gaps and/or security weaknesses. This is done according to a predefined set of rules.
- You can opt for a classic penetration testing approach, where a project is initiated with preparation time and corresponding final documentation.
- Embedded devices also have potential vulnerabilities and interfaces to the real world.
These are checked and documented during penetration testing.
Finally, potential solutions are also identified here.