Web, Mobile App and Infrastructure Pentests

The pentest - an effective solution for high IT security

Profit from our many years of experience! Penetration tests are planned, performed and evaluated by our specially trained analysts according to recognized standards.

Free certification as proof for your customers
Business risk analysis and management summary for the management
One-time verification free of charge
Comprehensive recommendation for the elimination of the weaknesses
10 years of Pentest expertise
Experience with disruptive cloud technologies like AWS, GCP or Microsoft Azure
Own and constantly updated scanner software in addition to the usual commercial tools

Our experienced IT Security Consultants uncover vulnerabilities before a real hacker can exploit them. Reduce remediation costs and network downtime. Our pentests enable you to comply with security regulations, such as those defined in an Information Security Management System (ISMS), and preserve your company's image and the loyalty of your customers.

The final report allows your company to develop efficient security measures and invest in the right business areas. We will be happy to review the security architecture at regular intervals, as the constant changes in the system should be continuously monitored.

We offer our services in various complexities and recognized standards in close consultation with our customers.

Range of services for IT security penetration testing

Basically, we classify pentests into three types, which can be arranged individually for each project.

Web Applications

A web pentest focuses exclusively on web technologies. Web applications and APIs have far-reaching permissions that provide a variety of attack vectors and are usually tied to the infrastructure.

Learn More

Mobile/App

Our mobile app pentesters have a background in network and web penetration testing, a quality necessary for pentesting mobile apps, because almost every app communicates with a backend system.

Learn More

Critical Infrastructure

The pentest for critical IT infrastructures (KRITIS) tests the security of e.g. server systems, VPN systems, WLAN networks and firewalls. As a basis for secure applications, the system and the network infrastructure must not be neglected.

Learn More

Final Report

We have developed a comprehensive reporting format that provides optimal insight into our work and its results.

Web pentests are performed and evaluated according to the OWASP Testing Guide.
Our detailed reporting format not only provides information about which vulnerabilities were identified during the pentest, but also which attack vectors were checked. This allows you to understand our work in an optimal way.
The final report is created individually and delivered both as a classical PDF document and in a special HTML format. In the dynamic HTML format, content and vulnerability findings can be filtered, sorted and exported to other formats.
In a joint final meeting, we will discuss the details of the report with you and, if necessary, support you in eliminating the identified weaknesses.

References

Companies that trust our professional competence.

Frederik Vollert
Managing Director & Co-Founder of Phrase
turingpoint conducted a web penetration test on the Phrase.com website and API as an external system audit as part of our Information Security Management System. The team conducted the tests in a highly professional manner, identifying a number of potentially malicious exploits and security enhancements through libraries, the application of security protocols and the browser level. The report helped us identify current strengths and weaknesses in our security architecture and resulted in changes to our code base to minimize security weaknesses. We look forward to our next penetration test withturingpoint!
David Holetzeck
CEO – Table of Visions
Our expectations regarding quality, customer service and the execution of the penetration test and the hosting security check were exceeded and we can recommend the team of turingpoint GmbH without any restrictions. If you are looking for a service provider who prepares documents in such a way that everyone can understand them and provides advice on how to solve problems, turingpoint is the right partner for you.