Penetration Test

State-of-the-Art in IT System Intrusion

We assess the IT security level in your company from two different perpectives: SySS security tests comprise the connection of the internal network with the internet as well as the specific internal infrastructure, thereby covering the most possible range of attack scenarios. 

SySS GmbH and the penetration test

SySS and penetration testing are inseparably linked. In 1998, the penetration test was the reason for the foundation of SySS. Today, we are market leader in Germany as well as in Europe in this field. This is why we focus on high-quality penetration testing with highest quality since we started.

(copy 1)

For detailed project advice

Bettina Hügel
anfrage(at)syss.de 
+49 (0)7071 - 40 78 56-6176

The purpose of a penetration test

Which outcomes will be achieved by a penetration test? 

  • Prevent hacker attacks and system intrusions
  • Protect valuable company data and knowledge
  • Save time and lower costs in tracing and tracking potential hacker attacks
  • Remain in control over your IT system

Test design

The following diagram illustrates the modular structure according to which we conduct a penetration test. The approach is documented in detail in our Whitepaper.

SySS White Paper

In-depth information about penetration testing and about the way we work

Kickoff

Together with you we discuss and plan the execution of the test in detail.

Test modules

Analysis of the selected test objects/modules.

Docu

For each project carried out you will receive a detailed written documentation. In this test report we present the test results as well as a description of the test procedure and the tested objects. Therefore, the documentation serves as a comprehensive basis for the elimination of vulnerabilities. In a two-step quality assurance process, the report is reviewed for technical and linguistic accuracy.

Pres

If required, we will present our results to you and your colleagues or superiors.

Retest

Given the dynamic nature of IT systems and networks, security risks and gateways change over time. Hence, a penetration test is only a snapshot of the current security standard. If required changes are implemented in response to a penetration test, we strongly recommend an follow-up examination. We thereby determine the security impact of implemented changes on your system and check whether there are any remaining or potential new issues.

IP-RANGE

Analysis of, e.g., your IP address ranges that are accessible via the internet or selected internal systems 

Webapp

Testing of your web application from various attacker perspectives

LAN

Analysis of your systems from the local network, e.g., "the cleaning staff/intern scenario", client, VoIP, VLAN, Active Directory, SAP analysis, testing of production systems and critical infrastructure

Target

Assessment of client-side vulnerabilities to targeted attacks from the internet

Webservice

Detailed analysis of your offered web services (e.g., SOAP, REST)

WLAN

Test of your WLAN infrastructure

Mobile

In-depth security test of mobile apps and devices (e.g., iOS, Android) as well as mobile device management solutions

Lab

Individual laboratory tests: Software, hardware and device testing, internet-of-things product testing