Security Check

for medium-sized and small companies

The IT Security Check offers small and medium-sized companies an initial assessment of the general IT security situation in their own company.

 

  • Where are we particularly well positioned and where do we still need to catch up?
  • Clarity, knowing exactly what still needs to be done
  • Gaining insight into which measures are indispensable and which are of little relevance
  • 2 days implementation with several consultants
  • Review of technical & organizational IT security based on VdS 10000
  • QuickCheck of corporate web presence and external IPs
  • Recommendation catalog for the further procedure
  • Management Report (PDF format)
  • Final interview
  • 3 days implementation with several consultants
  • Review of technical & organizational IT security based on VdS 10000
  • QuickCheck of corporate web presence and external IPs
  • Recommendation catalog for the further procedure
  • Management Report (PDF format)
  • Final interview
  • 4 days implementation with several consultants
  • Review of technical & organizational IT security based on VdS 10000
  • QuickCheck of corporate web presence and external IPs
  • Recommendation catalog for the further procedure
  • Management Report (PDF format)
  • Final interview

Procedure of the tests

During the initial meeting, we get to know you and your company better. In the second round of the meeting, we discuss the next steps together with all decision-makers. The methodology of penetration testing to be applied is determined.

Once the penetration test has identified possible attack vectors and determined their probability of occurrence and the extent of damage, we present the results to you in a final report.

This includes a management summary, a detailed description of the inherent risks, and a proof of concept so that you can track the vulnerabilities internally with your own IT experts.

At the heart of the documentation are the comprehensive recommendations for action, which you can use to carry out independent remediation of the weak points in a simple and comprehensible manner.

Independently of a free debriefing to clarify open questions or ambiguities, we are also happy to provide you with a confirmation of the successful execution of a penetration test upon request. You can use this as proof for customers and business partners.

 

 

The final report contains the following components:

  • Project frame data (project name, contact person, test period, scope)
  • Management summary
  • Description of the approach and methods used
  • Summary and assessment of the identified vulnerabilities in terms of their criticality (including CVSS values and CVE entries) and technical proof of concept
  • Detailed technical description of the identified vulnerabilities / inherent risks.
  • Recommendation of measures to eliminate the vulnerability as well as listing of all vulnerabilities in tabular form (Excel).

Your contact

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Philipp Kalweit

Philipp Kalweit

Managing Partner

 

+49 40 285 301 257

hello@kalwe.it

Philipp Kalweit is an experienced IT security consultant on the topics of security awareness and offensive IT auditing. For the past six years, he has been advising and auditing clients from the SME and group environment, in particular ECB and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is on holistic IT security. He was honored for his work in 2019 by DIE ZEIT as “Hamburger of the Month” and in the same year was included in the Forbes “30 under 30 DACH” list.

 

Arrange a non-binding initial meeting now