(Security) Testing-as-a-Service is a modern, hybrid approach to penetration testing that combines automation and manual pentests to perform continuous checks of technical application and system security. The results are displayed in real time on a digital platform. This allows trends to be identified, risks and vulnerabilities to be recognized more quickly and remedied promptly. The flexible and risk-focused combination of automated (scans) and manual (performed by experienced consultants) security tests optimally balances costs and results. TaaS enables the joint and long-term planning of a test portfolio, making compliance and security tests more efficient and targeted.
Testing as-a-Service
Your Benefits
The Standards
Standards that prescribe security checks (e.g. ISO27001, NIS2, DORA, DIN 27076), Tech Standards OWASP, OTSSM
The Results
Increasing technical resilience and reducing potential targets for cyber attacks.
TaaS Levels and Scope of Services
The security checks are offered at different levels, each of which offers a specific scope of testing, a specific depth and specific additional services.
TaaS SCAN
- Standardized and automated scan
- External vulnerability scan at IP or URL level (external)
- Elimination of false positives
- Vulnerabilities in the digital portal
TaaS BASIC
- Standardized and semi-automated pen test
- Additional manual random sample tests
- Security check in the black box procedure (external)
- Findings in the digital portal
TaaS STANDARD
- Standardized pen test
- Partially automated (for initial tests)
- Manual tests of critical areas
- External security check using the black box / grey box method
- Findings in the digital portal
TaaS PRO
- Standardized pen test
- Partially automated tests (for initial tests)
- High proportion of manual tests
- Security check in the black box procedure (external)
- Findings in the digital portal + results report in PDF
TaaS DEEP DIVE
- Individual test scope based on scope definitions
- Kick-off meeting
- Detailed external and/or internal security check
- Black box / grey box / white box (with source code support)
- Immediate information on critical findings
- Findings in the digital portal + results report in PDF
- Results presentation
We are standardized in our services – but flexible in the composition of the individual test portfolio.