Assessing the security level by means of technical security audits from the internal and external perspective in the form of several security scans of internal networks and web application penetration tests of selected web applications