Penetration tests

Cyber attacks are becoming more frequent and more dangerous. If you want to protect your company from their impact, a penetration test is essential.

A penetration test is a simulation of a real cyber attack that reveals security weaknesses in IT systems.

Penetration tests are tailored to your needs. We tailor them to your specific systems and applications to give you the most accurate results.

More than 300 EU companies have already used our services. We are a reliable partner to help you protect your company from cyber attack.

Penetration tests: the way to protect your organisation from cyber attacks

Penetration testing is a simulation of a cyber-attack that is conducted to uncover weaknesses in IT security. These weaknesses can be exploited by attackers to gain access to sensitive data, such as customer personal data, company know-how, or they can also cause disruptions.

Penetration tests are an important part of an overall cybersecurity strategy. They can help organisations identify and address weaknesses in their security, and thus better defend against cyber threats.

For example, a penetration test may reveal that an organization is using weak passwords that can be easily cracked. It can also reveal that an organization has a security hole in its network that an attacker can exploit to gain access to sensitive data.

Penetration tests are conducted by qualified experts who use the same techniques and tools as the actual attackers. As a result, they are able to detect even the most hidden weaknesses.

Penetrační testy

Benefits of Penetration Testing

Protecting personal data, confidential information and reducing the risk of financial loss

Minimising the impact of security incidents

Early identification of security vulnerabilities in systems

Compliance with the Cybersecurity Act, CNB regulations, ISO 27001, TISAX audit and more

Ares of testing

The tests are divided into several areas depending on what their objective is.

Application & API

Test the security of the application, mobile application or API. We perform security audits of more than 90 security areas according to the OWASP methodology.


Show more →

Infrastructure & cloud

Test the security of your perimeter from the public network, verify the correct configuration of your internal network or verify your cloud provider.


Show more →

Social engineering

Our social engineering service will help you shed light on and document potential weaknesses among your employees.


Show more →

Our certificates

We hold globally recognized cybersecurity certifications.

We provide penetration testing using a proprietary methodology for application and infrastructure testing based on the international OSSTMM, OWASP and PTES methodologies.

Penetration tests

Methods & tools

Penetration testing involves a combination of manual and automated testing, depending on the nature of the systems and applications being tested.

If the tests are performed in a production environment, the level of automated testing and interference with the production system can be minimized so as not to cause unnecessary damage.

During testing we use our own procedures based on OSSTMM, OWASP and PTES methodologies.

During testing we mostly use the Kali linux distribution and its tools: Nmap, Nikto, MetaSploit, Nessus, Hydra, OWASP ZAP, Burp Suite, John the Ripper and others.

The penetration tester looks for vulnerabilities in the platform under test and writes and modifies scripts to exploit them.

Results from penetration tests

Each penetration test is followed by an evaluation phase that describes the course of the test, a description of any vulnerabilities found, and a rating of their severity according to the CVSS classification.

Technical part

This is the part of the report that is aimed at security managers, engineers and application developers, where each vulnerability is also accompanied by a recommendation on how to prevent or resolve the issue.

It includes:

  • A description of the tests performed and their scope
  • Explanation of vulnerability classification
  • A description of the findings from each phase of testing
  • A summary of the vulnerabilities found
  • Final evaluation of the test performed

Management summary

At the end of the report, you will find a management report that explains to the company’s management the vulnerabilities and security gaps found, their severity, and ways to fix any problems.

How much do penetration tests cost?

The price of penetration tests usually ranges from 3000 EUR to 7000 EUR, depending on the scope and complexity of the specific project.

For example, a comprehensive penetration test of a medium-sized infrastructure requires 15 MD of tester’s work.

What factors affect the cost?

Scope of tests

The scope of testing is directly proportional to the number of assets and their complexity (IP addresses, applications, databases, devices, APIs, etc.).

Test methodology

The price of penetration testing also varies depending on the methodology and complexity of the test. The methodologies used have different areas of focus, which consist of sets of tests. Adding or removing specific tests again affects the cost of penetration testing. E.g. OWASP vs OWASP Top 10.

Place of execution

Penetration testing of web applications and most other tests can be performed off-site. However, there are cases where large and complex environments are tested. At this point, an on-site visit to the customer’s site may be necessary. Onsite tests are also required for physical security penetration testing.

Extra services

You will incur additional costs if you require assistance with remediation and/or require re-testing after repairs have been carried out.

References

Case study

Contact us

Contact us using the contact form and our specialist will get back to you within 24 hours.

Request for sample report of test results

Žadost o vzorovou zprávu výsledků z testu