Pen-Testing

What is Pen-Testing? How does this help me?

Pentration testing by IT Thurgau is a process in which the data security of your entire company is fully tested. Various techniques are used for this, which ultimately aim to gain control over as many computers in your company as possible. So we hack you on your behalf! As a result, you will receive a security report that shows you all security holes found in a structured way. As a 2nd product, we develop solutions to improve your data security situation.
The process is described in detail below.

1. The first meeting

This first meeting is non-binding and free of charge. The aim of this meeting is to find out as much as possible about the target company and target object(s). The reason for this is as follows;
For this conversation we do not meet in your company or somewhere else near a relevant objects. Rather, this meeting takes place in a cafe, restaurant of your choice, or at the headquarters of IT Thurgau. We need this initial anonymity for our work, after that it is meaningless. Of course, this meeting also offers the opportunity to get all your questions answered.

Meeting in Café

2. Discuss the offer and place the order

Discussion of offering

Based on the information from the first meeting, we create an offer for your penetration testing case.
The offer will be discussed online or at a location of your choice.
Pen testing prices can vary greatly. The main reasons for this are the physical expansion of the relevant objects of your company, the type of company (school, office building, industrial building) but also the current state of your IT infrastructure.
The target prices are: Small office (5-10 employees): 2500-5000 CHF, SME (10-100 employees): 5000-20000 CHF, large companies (>100 employees): >15000 CHF

3. Now the hacking beginns...

You don't have to do anything here. Now let's get to work.
The work takes place over a period of time defined by you. This is usually between 1 and 4 months for an average SME. The considerations in this regard must be: "How much time do the attackers take? What resources do they have at their disposal? How important is our company data for the attackers?"
Of course we guarantee that our work will not cause any damage to your property, your software or hardware.
We will contact you if we have already reached our goal before the agreed time frame has expired.

Pen-Testing in process

4. Security report and solution catalogue

Pen Testing Rapport

In this last step we will present the results of our work. You decide in front of which audience and where we hold this presentation.
It makes sense if the security gaps found are discussed on site.
All data that we were able to steal from your computers will be disclosed.

The techniques used are either fully disclosed, or only to the extent necessary to explain the vulnerabilities.

The discussion of the final report with improvement catalog completes the service.
Of course, we will always be there for you, should any questions arise.
On your request, we will also test your implemented patches.

Back to Cyber Security overview
+