Testing as-a-Service

(Security) Testing-as-a-Service is a modern, hybrid approach to penetration testing that combines automation and manual pentests to perform continuous checks of technical application and system security. The results are displayed in real time on a digital platform. This allows trends to be identified, risks and vulnerabilities to be recognized more quickly and remedied promptly. The flexible and risk-focused combination of automated (scans) and manual (performed by experienced consultants) security tests optimally balances costs and results. TaaS enables the joint and long-term planning of a test portfolio, making compliance and security tests more efficient and targeted.

Your Benefits

Continuity

No one-off tests that are already out of date the next day

A Sense of Proportion

The test profile is adapted to available budgets and the risk profile

Individuality

The right components are tested appropriately at the right intervals

The Standards

Standards that prescribe security checks (e.g. ISO27001, NIS2, DORA, DIN 27076), Tech Standards OWASP, OTSSM

The Results

Increasing technical resilience and reducing potential targets for cyber attacks.

TaaS Levels and Scope of Services

The security checks are offered at different levels, each of which offers a specific scope of testing, a specific depth and specific additional services.

TaaS SCAN
  • Standardized and automated scan
  • External vulnerability scan at IP or URL level (external)
  • Elimination of false positives
  • Vulnerabilities in the digital portal
TaaS BASIC
  • Standardized and semi-automated pen test
  • Additional manual random sample tests
  • Security check in the black box procedure (external)
  • Findings in the digital portal
TaaS STANDARD
  • Standardized pen test
  • Partially automated (for initial tests)
  • Manual tests of critical areas
  • External security check using the black box / grey box method
  • Findings in the digital portal
TaaS PRO
  • Standardized pen test
  • Partially automated tests (for initial tests)
  • High proportion of manual tests
  • Security check in the black box procedure (external)
  • Findings in the digital portal + results report in PDF
TaaS DEEP DIVE
  • Individual test scope based on scope definitions
  • Kick-off meeting
  • Detailed external and/or internal security check
  • Black box / grey box / white box (with source code support)
  • Immediate information on critical findings
  • Findings in the digital portal + results report in PDF
  • Results presentation

We are standardized in our services – but flexible in the composition of the individual test portfolio.