Small and medium-sized businesses

KMU Pentest

A special pentest for small and medium-sized companies (KMU), to assess core risks in your organisation.

Internal infrastructure

We conduct a full vulnerability scan of your infrastructure. You receive an overview of identified vulnerabilities and attack vectors.

Public infrastructure

We evaluate public infrastructure (e.g., VPN servers, applications, e-mail servers) regarding known vulnerabilities.

Active Directory

We assess your Active Directory (AD) towards misconfigurations and vulnerabilities. This includes analysing, whether attackers can obtain administrative rights.

Cyber Security Check

The first step of a hacker is an information gathering phase. We evaluate, which information about your comapny can be obtain from public sources.

Leaked Information

We check, whether data of your employees has been affected by data leaks and whether this data is publicly accessible.

6.900 € plus VAT fixed price

360° Analysis

Our package offer for you:

We analyse your infrastructure from different viewpoints in a risk based assessment. Your get a detailled overview of possible vulnerabilities from the perspective of a hacker. We analyse internal, as well as external attack vectors.

We incorporate current attack methods and common vulnerabilities. The penetration test is a combination of automated and manual testing.

You receive a detailled report of all our findings including remediation recommendations for all identified vulnerabilities.

IT-Security in KMU

Data & facts

0
Average damage caused by manual hacking
0 %
all companies in Germany have been victims of cyber attacks
0 %
the affected companies had direct costs caused by the attacks

KMU Pentest

Specification of our services

An in-depth analysis of individual IT components, such as the Active Directory or a single application is oftentimes not viable for small and medium-sized companies. The test effort is comparably high and the results are limited to particular systems. Oftentimes, an overview of general vulnerabilities and so called “quick wins” of the infrastructure makes more sense.

Therefore we have developed a pentest package that serves the needs of KMU companies. We thus favor a broad assessment of your infrastructure over in-depth testing of single components. You receive a broad overview of possible attack vectors. Based on the KMU pentest you can task us to conduct more specific tests of single components.

The KMU pentest includes manual, as well as automated testing methods. Of course you will receive a full reportdetailing the conducted testing methodology, results and recommendations.

blank

With our KMU pentest you receive a full-featured assessment following our general quality standards. The KMU pentest is conducted in adherence to our processes and consists of the following phases:

Service components

Cyber Security Check

We check public resources for sensitive data about your company. This is generally the first step of an attacker.

Public infrastructure

We evaluate public endpoints regarding vulnerabilities and attack vectors, e.g., open ports or outdated software.

Active Directory

The AD is usually a critical infrastructure component. We assess, whether an attacker is able to obtain administrative privileges.

Internal infrastructure

In your internal infrastructure we conduct a full scan and evaluate identified vulnerabilities.

Leaked Information

We evaluate, whether data of your employees is contained in public databases (e.g., passwords or logins).

Comparison with individual pentests

  • KMU Pentest
  • Individueller Pentest
KMU PentestIndividueller Pentest
6900
zzgl. MwSt.
Individuelles Angebot
Testing depthBreite Prüfung über viele KomponentenTiefe Prüfung einzelner Komponenten
ScopeGenerelle Schwachstellen der InfrastrukturZielgerichtete Analyse der Komponenten
AvailabilityNur für kleine und mittlere UnternehmenFür alle Unternehmen verfügbar
AssessmentRemote oder vor OrtRemote oder vor Ort
BillingFestpreisIndividuelles Angebot je Pentest
FlexibilityGeringHoch
KMU Pentest anfragenZum Konfigurator

Frequent questions regarding KMU pentests

Per definition of the EU commission, KMU companies have less than 250 employees and an annual turnover up to 50 million € or a balance sheet total not exceeding 43 million €. More information on the KMU definition can be found under:KMU-Definition der Europäischen Kommission – Förderberatung.

The KMU pentest is a fixed price offer, which we only offer in this package. If you have additional requirements, we can extend the KMU pentest or create an individual pentest offer for you.

No, the KMU pentest can also be conducted remotely. In this case we provide you with an access box that you set up in your network. Using the access box our testers can conduct all necessary tests. After the pentest has concluded you simply send the box back to us. In this case no additional travel fees arise.

In some federate states grants will be given for IT security services, such as penetration tests. We gladly advise when applying for grants. Please talk to one of our consultants.

You receive a detailed report with all findings and detailed remediation recommendations. Of course we support you after the test is finished (e.g., with the remediation of vulnerabilites or a retest for the verification of implemented measures). With our affiliate, the tacticx Consulting GmbH, we can also offer you extensive consulting in the fields of information security or data protection.