Description
This service was made for companies that are faced with the need to have a pentest carried out for the first time.
If you want to validate that your measures were sufficient after a security incident, if you have to comply with legal requirements for the first time, or if one of your clients requires you to carry out an extended review of your security stance, this pentest is for you.
Typical Costs
This is an all-inclusive offer. For €10'000, we offer you:
- One day of consultation by a senior consultant with the aim of defining your requirements
- We carry out a customized pentest for your website that addresses your requirements
- A detailed report summarizing the results of our pentest
- A further day of consultation with the same consultant, during which we help you derive the next steps towards a secure website
Procedure
Initial Contact
Please enter your enquiry into our
or reach out to us by mail to spoc@jubeco.de
In urgent cases, you can also reach us by phone on +49 171 17 468 92.
Preliminary Discussion
In the preliminary meeting we work out the following points together with you:
- Which website or which APIs are to be tested?
- What attack scenarios are to be expected for your position in the market?
- How can your resources in terms of personnel, money and time be used as efficiently as possible?
With this information, we will make various suggestions during this first meeting as to which scope might be appropriate for your requirements and resources.
To make your choice easier, we will also give you an estimate of the costs at this stage.
Commissioning
You will receive an offer from us with a detailed description of the requirements defined in the preliminary discussion.
As soon as we receive an order from you, we will ask you to name a technical contact with whom we will determine the exact details of the implementation of your pentest.
Final Report
After the pentest has been carried out, you will receive a detailed report from us in accordance with your requirements. This report typically contains the following points:
- Management summary
- General assessment of the security of the test object
- Overview of the steps required to achieve the required security level
- Technical summary for the developers or system administrators
- For each security vulnerability found:
- Assessment of criticality
- Technical description
- Mitigation measures
Closing Discussion
Here we present the final report to you and your team and advise you on how the insights gained can be implemented profitably in your company. Depending on your situation, this consultation can consist of the following elements:
- Dedicated support in eliminating the vulnerabilities identified in the pentest
- Setting up a development process that minimizes such vulnerabilities in principle
- Introduction of further security measures for the timely detection of and defense against attacks
- Further training of technical staff
- Use of risk management in your company
- Outlook on future attack scenarios that typically result from further growth of your company