Konrad Ziółkowski

Key Account Manager
Phone: +48 660 746 312

Errors jeopardising system security often result from hardware and software gaps or installation errors, or simply from insufficient knowledge of users. Penetration tests, frequently dubbed as “pen tests”, consist of a simulated attack on an application, website, telecommunications system or in-house IT infrastructure in order to assess how secure they really are. There are three types of tests:

  • black box test: the client does not disclose any information about the tested environment. A black box test is most similar to a spontaneous cyber attack carried out from the outside.
  • a white box test: the client provides the testing team with all key information about the tested environment, e.g. diagrams, architecture, sometimes source codes. During such a test, the testing team reviews a code or system settings rather than simulates a cyber attack.
  • a grey box test: a combination of the two previous tests. The testing team has some, but incomplete, knowledge about the tested environment.
    The pen tests enables the team to discover and analyse vulnerabilities and identify gaps in the client's security system.

The expert team from Rödl & Partner has many years’ experience in  conducting tests using OWASP or OSSTMM methods. Based on the tests and a follow-up analysis, the team prepares a report describing the identified errors and vulnerabilities, the estimated level of risk and the suggested methods to improve security.