Penetration Testing
What do we mean by a penetration test, or pentest for short?
Penetration testing means manually checking IT systems for security gaps. In contrast to an IT security audit, the gaps found (e.g. buffer overflows, format string vulnerabilities or simple rainbow table attacks on NTLMv2 authentication, which is unfortunately still widely used) are largely exploited, so that a realistic picture of corporate security emerges.
In addition to purely technical IT security, we test other areas such as physical IT security, for example with RFID or Mifare access card tests for doors or security gates. At the end of the day, one residual risk remains: the person. We therefore test this risk with social engineering in most penetration tests, since this is the only way to create real user awareness.
Beyond that, the only important thing to know is that we do not sell a Nessus or OpenVAS scan report as a penetration test, as unfortunately happens with increasing frequency.
Particularly in eHealth, and especially in sensitive hospital areas, such “stupid” scans would simply be negligent.

Penetration Testing Certifications and Standards




What types of penetration tests do we do?
It is about patient data and human life
Every company has to be assessed individually and needs its own level of protection. If you have already determined your protection requirements using an Information Security Management System (“ISMS”), the depth of the test is based on that determination. In the case of critical assets, it is particularly important to avoid failures – it is hard to imagine an operating room or X-ray machines being impaired during a penetration test.
If no ISMS, or only an incomplete one, has been set up, we determine the test depth in a joint (free) appointment using a specially tailored catalog of questions, and submit an offer based on the result.
Testing depth varies from simple script kiddie testing to the medical (industrial) level. A penetration test can therefore take between 4 days and several months.
The highest priority here is that none of the systems tested are impaired or even fail.
