Penetration tests

A penetration test (“PenTest” for short) is a simulated attempted attack on defined corporate units.

Typically, this refers above all to general PenTests from outside the organization via the internet targeting its IT in order to identify vulnerabilities or targeted attacks on defined critical systems. But there are also further scenarios that can be useful (home office scenario, lateral movement, …). PenTests can be combined with social engineering, in which the contracted provider uses extended approaches (USB stick in the car park, physical access to offices, …) to test access.

Nowadays, PenTests are often performed as white-box or gray-box tests. In these, attackers are already familiar with (parts of) the IT system that is to be tested, which enables them to search for vulnerabilities in a targeted manner. However, the previous standard of black box testing is still effective in defined environments.

Request solution

10

person-days are considered a reasonable minimum for a broad PenTest on the organization

5

standard scenarios with patterns defined by Bosch CyberCompare

1,250 EUR

per testing day as minimum can be expected

1

Specify requirements

2

Anonymous tender under Bosch brand

3

Transparent comparison of top 3 providers

4

Provider pitches and customer decision

Main selection criteria

  • Price-performance ratio
  • References
  • Competence of the tester
  • Temporal and technical scope

Potential providers (not exhaustive):

Read case studies

How our service uncovered the security vulnerabilities of a leading global automation technology provider

How CyberCompare helped an automation manufacturer find a qualified provider for a complex training program

How an international technology group introduced effective asset management with our support