Security audits – penetration testing – ethical hacking

Penetration testing, sometimes called ethical hacking or pentest, is an authorized, simulated attack on a computer system or application with the aim of discovering existing and potential vulnerabilities.

We carry out security audits highly professionally, accurately, and safely.

Our penetration testing is precisely designed according to the customer’s needs, even in the case of the most affordable automated, basic penetration test of a web application.

A properly conducted audit of the security of an application or system brings many benefits:

  • A safe way to find out as-is status of information security in the company.

  • A detailed report on security risks with specific recommendations on patching “bugs”

  • Significant improvement in the protection of the company’s investments against internal and external penetration

Penetračné testy - audity bezpečnosti

Options for security audits

Pricing for security audits

Basic test of a web application

  • Duration: 1 day
  • Automatized test
  • Managerial summary: yes
  • Detailed technical report: yes

Extended test of a web app

  • Duration: 3 – 4 days
  • Combined test
  • Managerial summary: yes
  • Detailed technical report: yes

TOP10 OWASP audit

  • Duration: 1 – 2 weeks
  • Manual test
  • Managerial summary: yes
  • Detailed technical report: yes

Full OWASP audit

  • Duration: 2 – 4 weeks
  • Manual test
  • Managerial summary: yes
  • Detailed technical report: yes

We will prepare a customized price quote for your environment almost instantly. Do not hesitate to contact us.

ITčko je IT na prenájom

Methods and procedures for conducting security audits

Penetration testing can be conducted in so-called Black box mode, where the testing team does not receive any information about the internal functioning of the company, access to source code or information about the architecture.

This is an attempt to precisely imitate the conditions under which the attacker usually works. This type of testing takes longer and is carried out on the running infrastructure.

On the other hand, testing in White box mode, sometimes called “clear box testing,” takes place with complete access to information about systems, architecture, and source code.

This method allows vulnerabilities to be detected more effectively than the trial and error method in Black box testing and also ensures better coverage of the tested infrastructure, as the testing team sees behind the curtain.

Testing in the Gray box mode is a combination of White and Black box approaches. The testing team may have access to selected information about the environment and specific access to the internal network, similar to what an external partner or company employee would have.

This approach allows testers to focus on specific vulnerabilities and also leaves room for comparing the thinking of a security professional and an attacker.

Happy to talk to you!

Penetration testing is a safe, reliable, and accessible way to prevent the leak of information and further damage from inside the company, as well as from the internet.

Ask for a free consultation with our experts.

Our team will carefully assess the security of your environments and recommend the best approach for conducting the audit.

  • The output of each of our tests is not only a detailed technical report, but also a managerial summary

  • Penetration tests are extremely safe, contractually covered in advance for specific areas

  • Your data is protected through an NDA (non-disclosure agreement) during and after the testing process

Get a quote