Against the backdrop of a systematically intensifying threat situation (cf. BSI Magazine 2016/01, p. 36-38) and the increasing importance of corporate information, the risk-oriented protection of sensitive information and data must be an integral part of corporate strategy in order to secure the company’s success in the long term.
The prevailing threat situation manifests itself in the rise of attacks on sensitive corporate information (product specifications, customer data, sales figures, etc.) by hacktivists, hackers, competitors or states. In the course of increasing digitalization and networking of production workflows and service processes, the growing vulnerability of companies is facing a professionalization of targeted attacks on corporate information. The company’s internal risk potential is largely based on an insufficiently practiced information security culture, insufficiently qualified employees and the operation of historically grown structures with greatly increased complexity.
In addition to DAX-listed companies, medium-sized enterprises are also the focus of attackers, whose attacks jeopardize system availability, employee and system access data, and thus corporate reputation (bitkom reports). The effects of the attacks can cause considerable damage to companies and threaten their existence if suitable protective measures are not implemented.
Security Penetration Testing looks at your business from a hacker’s perspective – without the associated risks to you. A security penetration test helps you answer important questions:
Threats do not result solely from the connection of IT systems to external networks, such as the Internet, but are often also due to sources of danger within the company.
Together, we develop and evaluate the internal and external threat profiles for your business processes, employees and IT systems. On this basis, we develop attack scenarios to conduct the Penetration Testing for the security of your IT systems with minimal risk to productive processes in the company.
Security Penetration Testing aims to identify vulnerabilities in IT systems of a defined target environment based on a systematic methodology. SPTs are conducted using the same techniques, tools and expert knowledge that real attackers/ Hackers use. Our experienced penetration testers use automated and manual testing procedures to efficiently present realistic attack scenarios.
In addition to technical analyses, the scope of a security penetration test can also include social level attacks to test the security awareness of a company’s employees with regard to information disclosure and the conscious or unconscious use of unapproved applications.
Teligencia has developed its own methodology for conducting security penetration tests, which focuses on the risk-based execution of the analyses and aligned within all industry relevants Standards and regulations as per the #ISO_27001, #OWASP_10, #IEC_62443-4-1 and #IEC_62443-4-2, #ETSI_EN_303645, #ISO_21434 and #NIST.
The Penetration Testing approach is basically on 4 steps:
The entire Teligencia methodology for conducting security penetration tests is carried out using expert knowledge, “best practice” methods and standards (OWASP Top 10 (as of 2013), OSSTMM, BSI Penetration Test Methodology, WASC or SANS Top 25) and our experts are OSCP certified.
We offer a comprehensive portfolio of highly specialized services. The services listed below can be individually tailored and combined to meet your company’s needs.
The analysis and test results of the Security Penetration Test provide detailed information about which targets could be successfully achieved from an attacker’s point of view and which measures are required to counteract possible threats. In this way, the Security Penetration Test makes a significant contribution to risk control in an area that is sensitive and at the same time difficult for most companies to assess.
Benefit from our analyses and assessments, which are specifically geared to your IT network systems and business processes. Attacks and their effects are presented by us in a verifiable and comprehensible manner in each individual case. Our technical and strategic recommendations provide you with information on how you can counter your security-specific challenges in the future and reduce possible consequential costs to a minimum.
As part of a security penetration test with Teligencia, a team of offensice Security experts tests your systems before real attackers do so without your knowledge. Quickly and with the necessary confidentiality, we help you identify vulnerabilities in your IT systems and the associated risks. Exactly where it is needed. We will not only show you vulnerabilities and risks, but will work with you to create viable and effective IT solutions for your business.
As a full-service IT provider, Tligencia has successfully conducted a large number of security penetration tests in the past. The clients advised by Teligencia vary not only in size, but also in industry affiliation.