Pentest

We identify gateways into systems and applications and reduce your risk

We are happy to help

Pentest

We identify gateways into systems and applications and reduce your risk

We are happy to help

Protect your company proactively with our Pentetration Test

In our Pentests, our security analysts assume the role of a malicious hacker and simulate attacks on your IT system landscape. They attempt to penetrate your company's systems in a targeted, individual and creative manner using the same methods, techniques and procedures that attackers would use. The goal is to find as many vulnerabilities and attack points as possible so that you can fix them in time before they can be exploited by a real attacker. Conducting a Pentest ensures that your partners and service providers comply with a wide range of regulations. With usd HeroLab, you have one of the leading providers of technical security analyses by your side.

What Our Customers Say

“Competent, structured, friendly.”

 

 Claudia Mertzlin, Lufthansa

“As a provider of modern mental health solutions, we are constantly developing our digital consulting and support services—and thus assume a special responsibility for the protection of sensitive data. We are aware of how crucial trust and data security are for our customers and clients. That is why we attach great importance to ensuring that our systems meet the highest security standards. usd AG has provided us with extremely competent and efficient support from the very beginning. We would like to thank them for their excellent cooperation and expert advice.”

 

Markus Bernhardt, Project management and IT-coordination, INSITE-Interventions GmbH

“Trustworthy, professional and helpful.”

 

Manuel Sommer, Pulso Europe Portugal

“Great and effective service!”

 

 Filipe Sommer, Pulso Europe Portugal

“Professional, needs-based, good communication, careful implementation, short-term implementation, customer-oriented.”

 

Anonymous customer

To the point 😉 - Good cost/performance ratio, constructive and friendly communication, professional execution.”

 

Anonymous customer

“Structured, competent and simply recommendable.”

 

Anonymous customer

“Professional, detailed, communication done correctly from beginning until the end.”

 

Anonymous customer

“Thank you for the quick pentest, driven by our very ambitious timeline! Top!”

 

Anonymous customer

“Thank you, everything went excellently again.”

 

Anonymous customer

“We are extremely satisfied and will be happy to recommend usd AG.”

 

Anonymous customer

“Thank you for once again conducting a smooth and structured pentest of one of our applications, as well as for the good cooperation.”

 

Anonymous customer

Our Portfolio

System Pentest

Servers and network components

You want to ensure that your network is protected against attackers on the infrastructure level?

Learn more

Web Application Pentest

Web applications

You run an online store and would like to protect yourself preventively against cyber attacks?

    Learn more

    API Pentest

    Interfaces

    You provide APIs or web services and want to protect against attackers?

      Learn more

      Mobile App Pentest

      Android & iOS

      You provide iOS or Android apps and want to check whether they are sufficiently protected against unauthorized third-party access?

      Learn more

      Active Directory Pentest

      Microsoft Directory Service

      Is your company using Microsoft's Actice Directory for managing user accounts and resources and do you want to check its IT security?

      Learn more

      Pentest OT and IoT Systems

      Connected Devices and Industrial Infrastructure

      Operational Technology (OT) and the Internet of Things (IoT) are essential parts of many business processes today.You want to identify vulnerabilities early and secure your systems sustainably?

      Learn more

      Cloud Pentest

      AWS, Azure & Google Cloud Plattform 

      You want to increase the security of your cloud infrastructure (e.g. AWS, Azure & Google Cloud Platform)?

      Learn more
      SAP Pentest usd AG

      SAP Pentest

      SAP systems and FIORI web applications

      You use SAP systems or FIORI web applications in your company and would like to check their security?

      Learn more

      Fat Client Pentest

      Native applications on Windows and Unix systems

      You use applications or programs from Windows or Unix systems and you would like to ensure that they do not pose a gateway for hackers?

      Learn more

      Mainframe Pentest

      Systems and applications

      Your company regularly processes enormous amounts of data and therefore uses mainframes and you would like to check whether your mainframe is protected against hacker attacks?

      Learn more
      Single Sign-On Pentest, usd AG

      Single Sign-On (SSO) Pentest

      Open ID Connect 1.0, OAuth 2.0, SAML

      You rely on the Single Sign-On (SSO) procedure for user authentication and would like to check the security of your SSO solution?

      Learn more

      Workstation Pentest

      Notebooks

      You want to check whether an attacker can compromise the company network via your employees' laptops?

      Learn more

      More Use Cases Pentests

      LLM applications, WLAN, VoIP telephone system, Mobile application management, Mobile device management, Business software, and much more

       

      • You want to identify security vulnerabilities in your AI solution or LLM-based application.
      • You are a hardware or software manufacturer and take the protection of your customers' data seriously.
      • You are a SWIFT user and are required to perform a Penetration Test.
      • You need a successfully performed Penetration Test to conclude a cyber insurance policy.
      • You wonder if a hacker can successfully compromise the client IT systems through ransomware.
      • You are in the PCI DSS scope and are required to perform a Penetration Test.
      • You want to check whether employees can maliciously extend their local user privileges and thus execute a deeper attack.
      • You want to know if attackers can use phishing emails to attack your employees and gain access to your IT systems.
        Contact us

        When was the last time you checked your IT security?

        New vulnerabilities are constantly being discovered or changes to the IT environment can lead to new security vulnerabilities. Therefore, Penetration Tests should be repeated regularly over a period of one year and should be firmly integrated into the security process.

        More insights into Penetration Testing

        Our approach

        Our security analysts have developed a proven procedure for conducting Pentests based on recognized international standards and many years of experience. If you are subject to PCI DSS, we identify relevant vulnerabilities for your PCI DSS v4.0.1 compliance and provide you with details on the affected PCI DSS requirements. The use of the usd HeroLab toolchain as well as tools from internationally recognized manufacturers allows our security analysts to perform their tests even more efficiently and comprehensively and leaves time for in-depth, manual analyses.

        Learn more

        Your advantages of usd Pentests

        Fulfillment of your compliance requirements. Optimal support during the entire Pentest project. Comprehensive final report. Documentation of PCI DSS v4.0.1 relevant vulnerabilities and detailed information on the corresponding requirements during PCI DSS pentests and much more. Learn more about your advantages of usd Pentests here.

        Learn more

        Pentest provider: Evaluation of offer and quality

        The number of pentest providers is increasing. Thorough evaluation of pentest offerings and quality is becoming increasingly difficult. Learn more here about the performance characteristics that can help you choosing the right partner.

        Learn more

        More insights into Penetration Testing

        Our approach

        Our security analysts have developed a proven procedure for conducting Pentests based on recognized international standards and many years of experience. Our security analysts have developed a proven procedure for conducting Pentests based on recognized international standards and many years of experience. If you are subject to PCI DSS, we identify relevant vulnerabilities for your PCI DSS v4.0 compliance and provide you with details on the affected PCI DSS requirements. The use of the usd HeroLab toolchain as well as tools from internationally recognized manufacturers allows our security analysts to perform their tests even more efficiently and comprehensively and leaves time for in-depth, manual analyses. 

        Learn more

        Your advantages of usd Pentests

        Fulfillment of your compliance requirements. Optimal support during the entire Pentest project. Comprehensive final report. Documentation of PCI DSS v4.0 relevant vulnerabilities and detailed information on the corresponding requirements during PCI DSS pentests and much more. Learn more about your advantages of usd Pentests here.

        Learn more

        Pentest provider: Evaluation of offer and quality

        The number of pentest providers is increasing. Thorough evaluation of pentest offerings and quality is becoming increasingly difficult. Learn more here about the performance characteristics that can help you choosing the right partner.

        Learn more

        Do you have any questions or need support?

        "We are happy to advice you on your options for having your systems and applications checked by our experienced security analysts."

        Daniel Heyne, Head of Sales - Security Analysis, OSCP, OSCE
        Contact us

        Do you have any questions or need support?

        "We are happy to advice you on your options for having your systems and applications checked by our experienced security analysts."

        Daniel Heyne, Head of Sales - Security Analysis, OSCP, OSCE

        Contact us