Client- / Server Infrastructure Testing
Detect security gaps in your client/server infrastructure.
Get a quote now

Penetration Testing & Security Assessments

Check your client and server infrastructure thoroughly for any security gaps, vulnerabilities and potential attack surfaces. Oneconsult Client/Server Infrastructure Testing offers comprehensive analyses for your IT workstations as well as central infrastructure components such as Windows or Linux servers, Kubernetes / Docker-based container environments, Active Directory (AD) or Microsoft Entra ID (formerly Azure AD), mobile devices (iOS or Android) and their management solutions. In addition to penetration tests, security configuration reviews are also carried out for all components of your client/server infrastructure to ensure that implemented security configurations work properly, and to gain valuable insights to further improve your cyber resilience.

Our Client- / Server Infrastructure Testing Services

Client Security Assessment
(Windows, Unix, VDI)

While your users engage in their valuable daily work, they are potentially exposing the clients they are using to the Internet, which is why it is of utmost importance to conduct client security audits. From BIOS security, disk encryption and hardware interfaces to operating system configurations and network security, the range of issues to consider reflects the complexity and importance of these audits.

A customized approach based on proven standards is essential to fully assess the security of your devices. Whether traditional PCs, thin or zero clients, Unix-based systems or embedded devices, the tests cover a wide range. These in-depth analyses enable us to make precise recommendations tailored to your specific needs. Oneconsult’s goal is to provide you with clear and meaningful results that not only give you an overview of the current security status of your client environment, but also concrete recommendations on how to effectively close potential security gaps.

Server Security Assessment
(Windows, Linux / Unix)

Server security assessments uncover vulnerabilities across multiple threat vectors in your environment, including network connections, physical and logical access, and virtualization layers. Automated testing, manual analyses, and configuration checks are used to identify potential risks and to test key security measures. This holistic approach gives you a comprehensive view of the security posture of your server infrastructure.

Active Directory Security Assessment

Active Directory (AD) is often referred to as the heart of IT. On the one hand, it is simply impossible to work or log on to work if the AD is not available. On the other hand, it is also the main target of an attacker in order to gain more rights and thus more (damaging) possibilities to achieve the goal of their attack.

The Oneconsult Active Directory Security Assessment is suitable for both on-premise IT infrastructures and hybrid scenarios, such as with Microsoft Entra ID. It focuses equally on Active Directory Domain Services (ADDS), Active Directory Federation Services (ADFS), and Active Directory Certificate Services (ADCS). You will also receive a review of your Group Policies (GPOs), architectural vulnerabilities and hardening measures.

In addition to penetration testing with appropriate tools, attack vectors and attack paths are identified and analyzed using best practices.  The configuration and the test results are also reviewed for deviations from best practices and remediated as necessary.

Container Security Assessment

In addition to virtualized environments, workloads and microservices based on container technologies (e.g., Docker containers/environments managed with Kubernetes, etc.) have been established for some time. As advantageous as these technologies are, their security implications are often underestimated.

Container security assessments provide a thorough security check of your containers. They uncover configuration errors and vulnerabilities to protect your containers and their environment from potential threats. In addition, the assessment analyzes the runtime environment to identify security-related compliance requirements. Automated tests are used and supplemented by further manual analyses to adjust configurations according to established best practices and our expertise.

Security Configuration Review

Oneconsult offers security configuration reviews for all other systems in your client/server infrastructure that you would like to check for security concerns. Be it system management solutions such as SCCM, USB device security management, DLP solutions, printers and their management solutions: Oneconsult helps to optimize security-relevant configurations, independent of manufacturer and product.

During the configuration review, the configuration of your systems is checked (together, if desired) – where possible, by automatically reading out the configuration and comparing it with best practices, hardening guidelines or other security advisories. As the goals of best possible usability and best possible security are often in conflict, these conflicting goals as well as any risks or even restrictions need to be assessed and discussed. You benefit from Oneconsult’s experienced security specialists and receive clear recommendations.

Oneconsult mainly focuses on the security-relevant configuration options, and it often makes sense to conduct a configuration review together with the person responsible for the system. In this way, the product expertise of the responsible person and the security expertise of Oneconsult can lead to an ideal result and at the same time strengthen security awareness and competence.

Mobile Device Security Assessment
(Including MDM)

Working remotely has become a necessity. Emails, contact details and other business information, some of which is confidential or even secret, can be accessed via mobile devices. In addition to the iOS or Android-based devices themselves, one of the most important components in enabling remote work on both personal and business mobile devices is the Mobile Device Management (MDM) solution.


Using standardized and established procedures, your mobile devices are tested and analyzed both from the perspective of the authorized user and from the perspective of an unauthorized owner or attacker (access to device and/or data, manipulation, etc.). 

Often, mobile devices cannot be conclusively assessed without analyzing the associated MDM solution. As the customer, you determine the depth of the test. If the MDM is to be tested in detail, a system configuration review is recommended as a separate project to be performed independently or prior to the mobile device security assessment.

Take advantage of Oneconsult Client/Server Infrastructure Testing to review the security aspects of your client/server systems. Through comprehensive testing, potential vulnerabilities can be identified and remediated before malicious attackers can exploit them.

Get a Client- / Server Infrastructure Testing quote now

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

Add CSIRT to contacts