Protect your IT systems with Pentests!
Our experienced IT security experts help you to protect your web applications, mobile apps and systems from real threats and implement risk mitigation.

Protect your IT systems with Pentests!

Our experienced IT security experts help you to protect your web applications, mobile apps and systems from real threats and implement risk mitigation.

What is a Penetration Test?

A pentest is a procedure to assess the security of applications, networks and infrastructures by methodical validation and verification of the effectiveness of security controls. The process includes an active analysis of the systems with the methods of a real attacker from external or internal sources. All security problems identified are presented to the customer together with an impact assessment, a proposal for risk mitigation or a technical solution.


Penetration Testing - an effective solution for high IT Security

Profit from our many years of experience! Penetration tests are planned, performed and evaluated by our specially trained analysts according to recognized standards.

  • Free certification as proof for your customers
  • Business risk analysis and management summary for the management
  • One-time verification free of charge
  • Comprehensive recommendation for the elimination of the weaknesses
  • 10 years of Pentest expertise
  • Experience with disruptive cloud technologies like AWS, GCP or Microsoft Azure
  • Own and constantly updated scanner software in addition to the usual commercial tools

Our experienced IT Security Consultants uncover vulnerabilities before a real hacker can exploit them. Reduce remediation costs and network downtime. Our pentests enable you to comply with security regulations, such as those defined in an Information Security Management System (ISMS), and preserve your company's image and the loyalty of your customers.

The final report allows your company to develop efficient security measures and invest in the right business areas. We will be happy to review the security architecture at regular intervals, as the constant changes in the system should be continuously monitored.

We offer our services in various complexities and recognized standards in close consultation with our customers.

Range of services for IT Security Penetration Testing

Basically, we classify pentests into three types, which can be arranged individually for each project.

Web Pentest
Web Applications

A web pentest focuses exclusively on web technologies. Web applications and APIs have far-reaching permissions that provide a variety of attack vectors and are usually tied to the infrastructure.

Mobile Pentest

Our mobile app pentesters have a background in network and web penetration testing, a quality necessary for pentesting mobile apps, because almost every app communicates with a backend system.

Infrastructure Pentest
Critical Infrastructure

The pentest for critical IT infrastructures (KRITIS) tests the security of e.g. server systems, VPN systems, WLAN networks and firewalls. As a basis for secure applications, the system and the network infrastructure must not be neglected.

Final Report & IT Security Certificate

We have developed a comprehensive reporting format and certificates that provide optimal insight into our work and its results.

Comprehensive Final Report
Pentest Report
  • Our report is prepared according to recognized standards and includes a Management Summary, a vulnerability overview, details on vulnerabilities and remediation steps. The evaluation of the Findings depends on the CVSS 3.0 Standard.
  • The detailed reporting format not only shows which vulnerabilities were identified during the pentest, but also which attack vectors were checked. Thus, you can understand our work in an optimal way.
  • The final report is individually created and delivered as a classic PDF document or in a special HTML format. In the dynamic HTML format, content and vulnerability findings can be filtered, sorted and exported to other formats.
  • We have an effective and comprehensive format for demonstrable safety that can be integrated directly into your website. This certificate proves to third parties such as customers or insurance companies a high security level, data protection and a sensitization for IT security.
  • The certificates issued by us prove a high IT security level at a given time according to a standard or individual test modules. Different test guidelines are selected and evaluated depending on the assessment.
  • Our certificate is issued only to those who achieve a good pentest result or, after a free night test, receive the required level of maturity from our Ethical Hackers.
Certification with Seal
Pentest-Zertifikat von turingpoint GmbH

Pen Test References

Companies that trust our professional competence.

  • Frederik Vollert
    Frederik Vollert
    Managing Director & Co-Founder of Phrase

    turingpoint conducted a web penetration test on the website and API as an external system audit as part of our Information Security Management System. The team conducted the tests in a highly professional manner, identifying a number of potentially malicious exploits and security enhancements through libraries, the application of security protocols and the browser level. The report helped us identify current strengths and weaknesses in our security architecture and resulted in changes to our code base to minimize security weaknesses. We look forward to our next penetration test with turingpoint!

  • David Holetzeck
    Dr. med. Christoph Twesten
    Founder / CTO – MillionFriends

    Perfood GmbH address several diseases and predeseases with digital therapeutics. The portfolio includes medical products and DIGAs (digital health application under the German Healthcare Act). IT Security is a very important aspect of our business. In April 2020 turingpoint conducted a penetration-test on the API of our backend as an external system audit as part of the certification process for one of our medical products. In July 2020 we consulted turingpoint for a global Cybersecurity audit including our mobile app, backend, website and aspects of IT security in our office in Lübeck. The team conducted the tests in a very professional way and was a great help in finding potential threats and optimize the security of our system. Turingpoint also reviewed the architecture of our backend setup and helped us to design this critical part of our infrastructure in the most secure way. We are very satisfied with the results and looking forward to our next project together!

  • David Holetzeck
    David Holetzeck
    CEO – Table of Visions

    Our expectations regarding quality, customer service and the execution of the penetration test and the hosting security check were exceeded and we can recommend the team of turingpoint GmbH without any restrictions. If you are looking for a service provider who prepares documents in such a way that everyone can understand them and provides advice on how to solve problems, turingpoint is the right partner for you.

  • Phrase
  • MillionFriends
  • Billomat
  • Speechagain
  • dWERK
  • Table of Visions
  • micro-biolytics GmbH
  • Digital Health Factory
  • M2P
  • Laufenberg
  • Perfood
  • RocketBeans
  • Mevaco

Certificates & Partner

We maintain a network for active exchange of knowledge and assistance.

  • OSCP
  • Portswigger
  • Tenable
  • rapid7
  • Security made in Germany
  • Allianz für Cyber-Sicherheit

Curious? Convinced? Interested?

Arrange a non-binding initial meeting with one of our sales representatives. Use the following link to select an appointment:

 Arrange a meeting

Alternatively, you can write us a message. Request a sample report or our service portfolio today. We will be happy to consult you!