Penetration tests will reveal the existence of vulnerabilities and other vulnerabilities in your applications.
Our specialists use real hacker practices and procedures according to the OWASP, OSSTM methodology and our best practices.
Test the security of the application, mobile application or API. We perform security audits of more than 90 security areas according to the OWASP methodology.
Test the security of your perimeter from the public network, verify the correct configuration of your internal network or verify your cloud provider.
Our social engineering service will help you shed light on and document potential weaknesses among your employees.
The penetration test is used to assess the level of security by attempting to penetrate the tested environment.
This is a technical form of security audit, which is performed by simulating a real attack. The tester uses the same methods and tools as a hacker.
Testing involves the use of various manual techniques supported by automated tools, where the tester looks for vulnerabilities and, based on his experience and professional methods, proceeds to exploit specific vulnerabilities.
Penetration testing is often and mistakenly confused with vulnerability scanning, unlike manual pentests are these tets fully automated.
Testing will find deficiencies in the security of your IT infrastructure or web or mobile application.
The frequency of hacker attacks and the number of security flaws are increasing every day. Don’t take risks, test.
Penetration testing audits the current resilience of your systems and can thus become a good basis for security technology investment plans.
Other reasons to test:
What should you think about before preparing an assignment?
The penetration tests are followed by an evaluation phase. Our penetration test report is divided into two parts.
The first includes a description of all vulnerabilities found and security vulnerabilities, assessing their severity and degree of risk.
This is the technical part of the report, which is intended for security managers, technicians and application developers, where each vulnerability is also given recommendations on how to prevent or solve the problem.
The second part of the report contains a managerial summary, which clearly explains to the company’s management the vulnerabilities and security gaps found, their severity and the ways to eliminate all problems.
Upon request, we can send you a sample final message.
During penetration tests, a combination of manual and automated testing takes place with regard to the nature of the tested systems and applications.
When tests are performed in a production environment, the degree of automated testing and intervention in the production system is minimized so that the tests have the least impact on the tested systems and applications.
We proceed with testing in accordance with OWASP and OSSTM.
During the tests, we most often use the Kali Linux distribution and its tools, such as Nmap, Nobody, MetaSploit, DirBuster, Nessus, Hydra, OWASP ZAP, Burp Suite, John the Ripper and many others.
We also look for known vulnerabilities of the tested platform, we write and modify scripts for their exploitation.
A list of known exploits and vulnerabilities can be found, for example, at https://www.exploit-db.com/.
The price of penetration tests can range from 2.000 EUR to 12.000 EUR. The price is always equivalent to the scope and complexity of the project.
What affects the cost of testing?
The size of the test determines the number of employees or IP addresses. Difficulty is further evaluated according to the complexity of the applications, servers, devices and databases to be tested.
The cost of penetration testing varies according to the methodology and complexity of the test. The methodologies used have different areas of focus, which consist of test files. Adding or removing specific tests again affects the cost of penetration testing.
Pentesters with more experience will usually be more expensive. You will get what you are really looking for from an experienced tester. When choosing a penetration tester, we recommend following certifications such as ECSA, CEH or OSCP.
Most penetration tests can be performed off-site. However, there are cases where very large / complex environments are tested. At this point, an on-site visit to the customer may be necessary. Onsite tests are required each time for a physical security penetration test or social engineering methods.
Additional expenses await you in the event of a request for follow-up assistance with repair and / or a request for re-testing after repairs have been made.
We have many years of experience with projects in large corporations and banks.
We hold the globally recognized IT security certifications CEH – ECSA – CHFI.
We are continuously training and educating in the field of IT Security and Ethical Hacking.
We are an agile company with a transparent pricing policy.
We can quickly deploy testers on your projects.
If you have any questions, do not hesitate to contact us using the contact form, or we will be happy to meet you
in our offices in Prague, Brno and Bratislava.
Cyber Security BDM
+420 604 200 062 ITsecurity@integra.cz