Pentest or vulnerability scanning

If you need to have a pentest or vulnerability scan performed, we have many options to assist you. Getting a pentest/vulnerability scan done does not necessarily have to be a big investment, as long as it is adapted to your needs.

Our pentests and vulnerability scans are performed according to the OWASP model, which is an internationally recognized standard for IT security. You can read more about OWASP. HERE

If you need to have a pentest or vulnerability scan performed, you are very welcome to contact us at +45 535 27000 to learn more about pricing and options.

Vulnerability scanning

Vulnerability, is typically performed on servers that have access to the internet, such as a web server. In a standard vulnerability scan, the server is scanned for known vulnerabilities and a report is prepared with a description of the scan and any changes/improvements that can be made.

If you require ongoing automated scanning, we have a 'managed' setup where Leave a Mark ensures that the scanning is continuously updated as new vulnerabilities are discovered.

Our automated scans contain as a minimum the following:

  • Opsætning af kørsel af op til 3 IPer/domæner
  • Host/Domain response scanning
  • Port scanning
  • Header scanning (Clickjacking)
  • TLS/SSL scanning
  • DNS setting
  • Robots scanning
  • Ændringer siden sidst scan
  • Manuel gennemgang af rapporten
  • Online adgang til rapporter (gemmes i 24 måneder til audit)
  • Rapport data er fuldt krypteret med stærk kryptering
  • Opdatering af scanning systemet i forhold til kendte sårbarheder.

Fast pris for en kørsel for 3 IP/domæner           DKK 1950,- /pr måned ex moms

Sårbarhedsscanning

kontakt os på +45 535 27000 for at hører nærmere om pris og muligheder.

 

Pentest

Før en pentest udføres er det vigtig at få defineret det rigtig scope, da en pentest kan omfatte alt lige fra online servere til fysisk adgang i virksomheden.

Et typisk eksempel på en Pentest kunne være at test mod de servere som man har fået foretaget en vulnerability scanning på, for at sikre at der ikke er sikkerhedshuller.

Når vi udfører en Pentest agere vi hacker og vil forsøge at komme ind i virksomhedens systemer via forskellige metoder som Bruteforce login, SQL injection, API omgåelse, Phising mm. 

Efter en endt Pentest udarbejdes en rapport over opdagede sikkerhedshuller og hvilke muligheder der er for forbedringer.