Basic offer for penetration test

focusing on resilience
Basic offer for penetration test focusing on resilience

The assumption is that an attacker or malware has succeeded in penetrating a workstation PC. We demonstrate what opportunities there are for the attacker to spread from this vantage point and which measures can protect against this. Resilience = testing of the ability to resist attacks.

Scope

  • Purely technical review
  • Internal view based on the initial situation of an attacker or malware on a workstation PC

Your benefits: what is investigated?

  • Connection tests to the internet, as used by malware to contact the command & control server or load additional modules
  • Testing the workstation PC for vulnerabilities to privilege escalation (malware simulation)
  • Port and vulnerability scanning of the internal network, starting from the office network
  • Additional activities depending on the anomalies detected in the testing

Result (output)

  • Report with executive summary
  • The report contains results and analyses, evidence and recommended measures
  • Presentation and discussion of the report online or on site

Available options

  • Detailed testing of two server systems of your choice

Customer profile: who is the basic offer of the penetration test focusing on resilience aimed at?

  • Companies that want an initial classification of their existing security measures with regard to malware that is already present in the network
  • Companies that want a pre-configured basic package for a quick project launch requiring little effort
  • Companies that prefer a flat rate
  • SMEs and startups

Resource planning: plannable effort for you

This basic package requires an investment of around nine hours. This time is divided up as follows:

  • Participation in the kick-off meeting and report meeting
  • Setup of a workstation for the tester, including a standard PC & account and an additional network connection for our audit laptop
Additional offers from the audit field
Basic offer of penetration test focusing on intrusion
This offer focuses on the technical testing of vulnerabilities that could allow cybercriminals to penetrate your infrastructure.
Basic offer for penetration test focusing on OWASP Top 10
You have a web application with a protected area and features such as profile management, file storage and a contact form. We test your application for the top 10 risks according to OWASP and more.
Social Engineering – Professional Phishing Prevention
Phishing campaigns are used as part of an extensive audit project or as part of a security awareness project.