pentest eller sårbarhedsscanning?

If you need to have a pentest or vulnerability scan performed, we have many options to assist you. Getting a pentest/vulnerability scan done does not necessarily have to be a big investment, as long as it is adapted to your needs.

Our pentests and vulnerability scans are performed according to the OWASP model, which is an internationally recognized standard for IT security. You can read more about OWASP. HERE

Tiber

pentest

Before conducting a pentest, it is important to define the appropriate scope as a it can encompass everything from online servers to physical access within the company.

A typical example could be testing against the servers that have undergone a vulnerability scan to ensure there are no security vulnerabilities.

When performing a penetration test, we act as ethical hackers and attempt to gain unauthorized access to the company's systems using various methods such as brute force login, SQL injection, API bypass, phishing, and more. 

After completing a penetration test, a report is prepared detailing the discovered security vulnerabilities and suggestions for improvement.

Vulnerability scanning

Vulnerability, is typically performed on servers that have access to the internet, such as a web server. In a standard vulnerability scan, the server is scanned for known vulnerabilities and a report is prepared with a description of the scan and any changes/improvements that can be made.

If you require ongoing automated scanning, we have a 'managed' setup where Leave a Mark ensures that the scanning is continuously updated as new vulnerabilities are discovered.

If you need to have a Pentest or vulnerability scan carried out, you are very welcome to contact us at +45 535 27000 to learn more about pricing and options.

Vulnerability scanning
Fixed price for reviewing 3 IP/domains: DKK 1950 per month, excluding VAT.
Our automated scans contain as a minimum the following:
Setting up scanning for up to 3 IP/domains.
Host/Domain response scanning
Port scanning
Header scanning (Clickjacking)
TLS/SSL scanning
DNS setting
Robots scanning
Changes since the last scan
Manual review of the report
Online access to reports (stored for 24 months for auditing purposes)
Report data is fully encrypted with strong encryption.
Updating the scanning system to address known vulnerabilities.

Benefits of having a pentest or vulnerability scanning conducted

Security for critical data 

Når virksomheder udfører en Pentest eller sårbarhedsscanning, kan  potentielle sikkerhedshuller i IT-infrastrukturen identificeres. Det gør det muligt at lukke disse huller og beskytte kritiske data, som personlige oplysninger, økonomiske data eller forretningshemmeligheder.

Protection against cyber attacks

A penetration test or vulnerability scanning can reveal where a company is most vulnerable to attacks.

This enables taking appropriate measures to strengthen those areas and reduce the risk of cyber attacks.

Compliance with regulations

Many industries have strict regulations regarding data protection, and a penetration test or vulnerability scanning can help companies ensure compliance with these regulations.

It can prevent potential costly fines and criminal sanctions.

Increased customer trust

By demonstrating a commitment to security and conducting ongoing vulnerability testing, customers can feel more confident in entering their personal information or conducting transactions. This can help build customer trust and loyalty.

Cost-effectiveness 

While investing in a pentest or vulnerability scanning may seem costly, the expenses associated with a data breach can be much higher. In addition to the direct costs of data recovery and addressing security vulnerabilities, there can also be indirect costs such as lost business, customer distrust, and damage to the company's reputation.

Improvement and response time 

Penetration tests and vulnerability scans provide valuable insight to a company on how an attack may look and how quickly and effectively they can respond. This improves preparedness and potentially reduces downtime in the event of a real attack.