Penetration
tests

Attacks on IT systems are increasing from year to year. By using penetration tests, we practically recreate attacks and localize vulnerabilities. We perform penetration tests on web applications, network infrastructure, server and storage systems, as well as WLAN environments. As a result of the test you will receive a detailed report. This report consists of two parts: A management summary and a technical part for the administrators/developers in your company.

A penetration test has different objectives:

• To verify IT security on a technical level.
• To identify possible vulnerabilities
• To have your own IT security confirmed by a security expert

The German Federal Office for Information Security (BSI) has developed a classification scheme that can be used to describe a penetration test:

• Information base
• Aggressiveness
• Starting point
• Technology to be tested
• Scope of the penetration test to be performed
• Procedure

Based on these predefined criteria, menoora compiles an individual penetration test together with you as the client in order to be able to present comprehensible results in the most target-oriented and timely manner possible. The focus is on manual penetration tests and source code audits with a focus on established security standards and exceptionally secured environments. We use penetration tests (black / white box) to check your existing network infrastructure, your deployed applications and your IT systems. We also audit the design and the underlying process. We also conduct a code review for your relevant applications and examine them for vulnerabilities in the programming. As a follow-up, we conduct workshops and training sessions with the developers on the topic of "Secure Coding" and sensitize the developers during the development of the source code.