Small and medium-sized businesses
A special pentest for small and medium-sized companies (KMU), to assess core risks in your organisation.
We conduct a full vulnerability scan of your infrastructure. You receive an overview of identified vulnerabilities and attack vectors.
We evaluate public infrastructure (e.g., VPN servers, applications, e-mail servers) regarding known vulnerabilities.
We assess your Active Directory (AD) towards misconfigurations and vulnerabilities. This includes analysing, whether attackers can obtain administrative rights.
Cyber Security Check
The first step of a hacker is an information gathering phase. We evaluate, which information about your comapny can be obtain from public sources.
We check, whether data of your employees has been affected by data leaks and whether this data is publicly accessible.
6.900 € plus VAT fixed price
Our package offer for you:
We analyse your infrastructure from different viewpoints in a risk based assessment. Your get a detailled overview of possible vulnerabilities from the perspective of a hacker. We analyse internal, as well as external attack vectors.
We incorporate current attack methods and common vulnerabilities. The penetration test is a combination of automated and manual testing.
You receive a detailled report of all our findings including remediation recommendations for all identified vulnerabilities.
IT-Security in KMU
Data & facts
Specification of our services
An in-depth analysis of individual IT components, such as the Active Directory or a single application is oftentimes not viable for small and medium-sized companies. The test effort is comparably high and the results are limited to particular systems. Oftentimes, an overview of general vulnerabilities and so called “quick wins” of the infrastructure makes more sense.
Therefore we have developed a pentest package that serves the needs of KMU companies. We thus favor a broad assessment of your infrastructure over in-depth testing of single components. You receive a broad overview of possible attack vectors. Based on the KMU pentest you can task us to conduct more specific tests of single components.
The KMU pentest includes manual, as well as automated testing methods. Of course you will receive a full reportdetailing the conducted testing methodology, results and recommendations.
With our KMU pentest you receive a full-featured assessment following our general quality standards. The KMU pentest is conducted in adherence to our processes and consists of the following phases:
Comparison with individual pentests
- KMU Pentest
- Individueller Pentest
|KMU Pentest||Individueller Pentest|
|Testing depth||Breite Prüfung über viele Komponenten||Tiefe Prüfung einzelner Komponenten|
|Scope||Generelle Schwachstellen der Infrastruktur||Zielgerichtete Analyse der Komponenten|
|Availability||Nur für kleine und mittlere Unternehmen||Für alle Unternehmen verfügbar|
|Assessment||Remote oder vor Ort||Remote oder vor Ort|
|Billing||Festpreis||Individuelles Angebot je Pentest|
|Flexibility||Gering||Hoch||KMU Pentest anfragen||Zum Konfigurator|
Frequent questions regarding KMU pentests
Per definition of the EU commission, KMU companies have less than 250 employees and an annual turnover up to 50 million € or a balance sheet total not exceeding 43 million €. More information on the KMU definition can be found under:KMU-Definition der Europäischen Kommission – Förderberatung.
The KMU pentest is a fixed price offer, which we only offer in this package. If you have additional requirements, we can extend the KMU pentest or create an individual pentest offer for you.
No, the KMU pentest can also be conducted remotely. In this case we provide you with an access box that you set up in your network. Using the access box our testers can conduct all necessary tests. After the pentest has concluded you simply send the box back to us. In this case no additional travel fees arise.
In some federate states grants will be given for IT security services, such as penetration tests. We gladly advise when applying for grants. Please talk to one of our consultants.
You receive a detailed report with all findings and detailed remediation recommendations. Of course we support you after the test is finished (e.g., with the remediation of vulnerabilites or a retest for the verification of implemented measures). With our affiliate, the tacticx Consulting GmbH, we can also offer you extensive consulting in the fields of information security or data protection.