External Network Security

External network penetration testing

Many attackers enter the company via the external network. An external penetration test uncovers vulnerabilities and helps you to close them.

Perimeter security is a top priority at DSecured. We are experts in this field and find every security gap. You will receive the result in a detailed report.

Damian Strobel - CEO DSecured

My Recommendation

Realistic scenarios from outside

An external pentest must show how far a real attacker gets without prior knowledge. We combine automated recon with targeted manual attacks and deliver clear priorities for your hardening.

What is an External Network Penetration Test?

In an external pentest, we examine your company's entire publicly accessible attack surface: web servers, VPN access, APIs, mail and remote access services, and cloud resources. Our goal is to follow the same path as an attacker - from initial footprinting through exploiting vulnerabilities to potential initial access.

We combine automated discovery with manual techniques such as subdomain takeover, credential reuse, exploit development or path chaining. Every finding is comprehensibly documented and provided with appropriate hardening measures.

Asset Discovery Included

We discover forgotten hosts, open ports and exposed services - including SaaS integrations and third-party infrastructure.

Exploit-oriented Approach

Vulnerabilities don't remain abstract: we show how they can be exploited and which data or systems are threatened.

Clear Action Recommendations

You receive prioritized fix recommendations tailored to your team - including immediate measures and long-term actions.

For whom is an External Penetration Test particularly suitable?

Organizations with publicly accessible services, SaaS products or distributed teams benefit especially from regular examination of the Internet perimeter. Managed service providers, digital agencies and operators of critical infrastructure are also among the organizations that rely on solid results.

SaaS & Platform Operators

Cloud-native applications, APIs and tenant portals require continuous control of auth, rate limits and tenant separation.

MSPs & Agencies

Many customer domains, admin portals or remote tools increase the attack surface - we help set priorities.

Regulated Industries

KRITIS, NIS2 or ISO 27001 require valid evidence - we deliver audit-ready reports and proof-of-concepts.

An external pentest is particularly important before compliance audits or major changes - for example during domain migrations, M&A activities or the launch of new locations. We support scope definition and test both classic data center hosts as well as modern cloud stacks and CDN/WAF chains.

Why we should carry out your external pentest

Experienced Team

Most of our employees come from a bug bounty hunting background and know nothing other than attacking the external attack surface. We have worked for many well-known companies and know how hackers think.

Outstanding Report

Our reports contain a classic summary for management, technical details for the IT department and detailed instructions on how to rectify the vulnerabilities found. You also get insights into your shadow IT - free of charge.

Maximum Creativity

Hacking is a creative process - especially in the perimeter area. Small things - combined - can become big problems. We are experts at finding exactly that.

Effective Risk Minimization

The more you know about your external network, the less likely you are to be hacked. We are happy to help you find out what should be tested - and what should not.

Tailored Communication

Sometimes things have to happen quickly. If necessary, we share information as soon as we find it. We are flexible when it comes to communication.

Long-term Partnership

When it comes to the perimeter of your business, we offer a variety of complementary services to further minimize risk.

How much does an External Penetration Test cost?

The costs depend on how large your perimeter is and how deeply we examine individual services. A handful of IPs with clearly defined ports can be tested in a few days - distributed cloud infrastructures with dozens of subdomains, VPN gateways or SaaS integrations require significantly more time and manual analysis.

  • Scope & Asset Count - Domains, subdomains, ASN ranges, cloud accounts: The more entry points, the more time needed for discovery, validation and reporting.
  • Testing Depth - Pure vulnerability scan or complete manual exploit? For APIs, auth mechanisms or zero-days, we plan targeted hands-on time.
  • Accompanying Services - Staging vs. production environment, blue team monitoring, additional workshops or retests influence the project scope.

Typically, external pentests start at around 3,000 euros. For larger environments, we calculate modularly - including options such as Argos Surface Monitoring for permanent asset tracking or monthly spot checks.

Automation meets Manual Expertise

Scanners quickly cover known vulnerabilities - but truly critical results come from manual analysis. We combine both, eliminate false positives and deliver exclusively validated results that your team can address immediately.

Suitable for your Audit & Compliance

Whether ISO 27001, SOC 2, KRITIS or NIS2: We deliver reports that meet audit requirements and simultaneously provide technical teams with proof-of-concepts.

Common Findings in External Penetration Tests

Forgotten Services and Shadow IT

In larger networks, or at companies with a relatively large IT team, we now very often see "forgotten" services running on atypical ports. Sometimes these are well protected, sometimes not at all. Classic shadow IT falls into the same category: again and again we see forgotten servers in the Amazon AWS or Microsoft Azure cloud. You can find everything there: quickly cobbled-together websites, APIs and databases. These services are often inadequately protected or not protected at all.

Sensitive Files

Sensitive files are also very common - these include dotenv files, backup files and log files. Findings of this type can sometimes have no impact and sometimes be capable of bringing down the entire company. We've seen it all. It becomes particularly critical when a dotenv file contains the access credentials for the infrastructure.

Classic Security Vulnerabilities

Security vulnerabilities of all kinds are also an integral part of the results list of external penetration tests. These are classic vulnerabilities such as SQL injections, cross-site scripting or directory traversal.

Trust through experience

Some companies we have been able to help

We've had the privilege of working with some of the world's leading companies and strengthening their IT security.

Further questions and answers on the topic "External Network Penetration Testing"

What does a penetration test of the external network at DSecured involve?

It depends on what is required. As a rule, we use a combination of automated and manual tests to identify vulnerabilities in your external network. You specify which assets are to be tested. Alternatively, we search for them ourselves and take care of everything - just like a real attacker.

How long does a typical penetration test of the external network take?

Most of the companies we work with are SMEs. The external networks are relatively small (under 10 assets) - this scale can easily be tested within a few days. Larger companies with hundreds of assets require more time.

How often should a penetration test of the external network be carried out?

In our experience, testing the external network every few months makes sense if there are not many changes. If the network changes frequently, we clearly recommend something like Argos, our External Attack Surface Monitoring: it permanently monitors your network, scans every few days and alerts us if something is suspicious.

Can service interruptions occur during the test process?

This should not happen. We adapt our tests so that they should not cause any problems. The tests can also take place outside regular operating hours.

Is there a follow-up check after the initial penetration test?

If required, this is not a problem at all. We can also switch to a mode that we call "continuous penetration testing". Talk to us!

What results can I expect after a penetration test of the external network?

You receive a pentest report from us, which focuses on all findings that have a certain impact and should be resolved. Your management receives a summary. If required, we can also issue a certificate proving that you have carried out a penetration test.

How can you continuously monitor the external network?

We use Argos External Attack Surface Management to capture and scan the entire perimeter. We then use the data to decide what to look at manually and how. Argos is able to automatically enumerate the entire public infrastructure in seconds. All services running on the servers are shown. Port scans and file scans are the starting point for getting a good picture of external IT security. We often find problems during this process - such as backup archives, weak access credentials, known security vulnerabilities or anomalies that could be security-relevant.
