Proactively protect your web shop, internet banking platform, mobile app, ICS (SCADA/DCS), IoT device or IT infrastructure via penetration test / ethical hacking, code review, reverse engineering or APT test by our certified penetration testers and security researchers.
Proactively protect your IT assets with a penetration test
There is no «typical» penetration test. Therefore, we offer various types of penetration tests / ethical hacking (incl. APT tests), optimized to the specific requirements of web applications, mobile apps, SAP solutions, ICS (SCADA/DCS), IoT devices, different attack vectors and general conditions or your particular needs (e.g. does your SOC, cloud or service provider live up to its promises?).
Our penetration tests help you to identify technical security vulnerabilities, categorize their risks, evaluate and implement mitigation measures. We give you detailed prioritized recommendations on how to fix them as part of the comprehensive final report to protect your IT assets from unwanted activities.
We have one of the largest teams of highly skilled, salaried and certified penetration testers in Switzerland conducting over 200 penetration test projects per year and employ the most current methods and strategies which are also used by «real» hackers. We cover the entire range from standard penetration tests, code reviews, exploit development, reverse engineering to ethical hacking and APT tests under real-life conditions.
Since Oneconsult’s inception in 2003, we have covered a wide variety of products and technologies in hundreds of penetration test projects, an overview of which you will get in our detailed, anonymized references section.
- One of the largest penetration tester teams in Switzerland
1200 penetration test projects
(200+ per year)
- Proven testing methodologies
- Meaningful, clear reports
- Categorized risks
- Detailed measures catalog incl. prioritization recommendation
- Office IT, ICS (SCADA/DCS) and IoT devices
- Code review
- Exploit development
- Reverse engineering
We offer the following penetration test types:
The penetration test is a realistic, simulated hacker attack. During the available testing time all security vulnerabilities are systematically searched for. A penetration test involves a much higher degree of manual work than a fully automated scan, with the testers putting themselves in the position of a hacker. In comparison to an application security audit, the penetration test encompasses unprivileged tests (i.e. tests without knowledge of valid access information like user ID/password, etc.), but privileged tests may be carried out if access information becomes available during the penetration test. The main differences between a penetration test and ethical hacking are that in the former, the testers are looking for all vulnerabilities and the object of investigation may be penetrated but not modified permanently.
The application penetration test is a security test of an application and its associated front- and back-end systems. Web applications, mobile apps, appliances as well as classic client/server applications may be examined as executable programs or as source code. During the available testing time all security vulnerabilities are systematically searched for in the operating system, the basic services and the application on top.
During this type of penetration test both unprivileged and privileged tests will be carried out, thus covering both the perspective of an outsider (e.g. hacker) and an insider. The application penetration test is the most comprehensive test type, which is especially suited for critical infrastructure like ICS (SCADA systems / DCS), internet banking portals, online shops, mobile apps or interactive business websites.
The following methods and types of tests may be used in an application penetration test:
- OWASP Top 10 / OWASP Mobile Top 10
- Code review
- Reverse engineering (hardware and software)
- API monitoring
- Network sniffing & packet analysis
- Injection tests
In some cases an application or a system are in scope of a security audit, however, the client does not have access to the source code / blueprint of the device or does not want to reveal these. Reverse engineering is the analysis of the security-related system behavior and functionality of a device or an executable application based on the black-box approach.
The following methods may complement reverse engineering projects:
- Protocol reverse engineering (network sniffing & packet analysis)
- Code review of the generated source code
- API monitoring
Approach: Penetration Test, Ethical Hacking and APT Test
After the kick-off meeting, i.e. penetration tests are carried out according to the following project phases:
- Test preparation
- Information gathering
- Analysis and verification of security holes
- Optional: Development and application of exploits (as proof of concept)
- Optional: Project presentation or only discussion of the final report
The final penetration test report will include:
- Executive summary
- Project scope and objectives
- Categorization of risks
- Detailed recommended measures
- Risk Assessment Value (benchmark)
If required, we will also send you the tool-generated output, action logs and dump files from the penetration tests.
For each penetration test type we will make sure that assessing the security vulnerabilities of your system is done in a thorough and cost-effective way. If a large number of systems need to be tested, we recommend taking a funnel approach. Thereby all systems are first analyzed with a security scan, based on the results of which we decide with you which systems should be tested more intensively with an IT infrastructure penetration test or an application penetration test.
Penetration Test Expertise
Since Oneconsult’s inception in 2003, we have conducted over 1200 penetration test projects of various types, 850 of which are OSSTMM-compliant. Amongst other qualifications (like GXPN, OSWP or OPSA), our technical security specialists hold OPST and OSCP certifications. Oneconsult AG is an ISECOM Partner (accredited trainer) and, based on the number of OSSTMM-compliant security audits, Europe’s leading OSSTMM security auditor.
For definitions of information and IT security terms please refer to our glossary.
Secure Software Development
The security of software should be one of the primary goals during software development. Security is needed in the whole development process, as defects arise on various levels of the application and are not only part of the program code. Defects may be found in: Architecture/design, application logic, program code, third-party libraries, deployment and configuration. For secure software development, guidelines should be established that contain important points as input and output validation.
The property that information is not made available or disclosed to unauthorized individuals, entities, or processes (ISO/IEC 27000). To protect the confidentiality of information, access authorization or data encryption may be implemented.
The property of information assets to be accurate (unaltered) and complete (ISO/IEC 27000). Data integrity checks, for example by checksum validation, may counteract intentional or unintentional corruption.
HyperText Markup Language (HTML) is a markup language used to create web pages. It is one of the core technologies of the internet. HTML documents contain information for the user as well as instructions for the browser on how to display the information.
A threat is a potential cause of an unwanted incident, which may result in harm to a system or organization (ISO/IEC 27000). Threats may be triggered by human beings (intentionally or unintentionally) or may be caused by environmental factors. They may include things like theft (e.g. information theft), eavesdropping, information leakage, earthquakes and flooding.