About Us

Experts in the field of IT security and web development
Mon-Fri, 9am - 6pm CET
DongIT logo

Who we are

Web Security Scan is part of DongIT. We are experts in the fields of IT security and web development. These complementary core competencies together form a unique and powerful combination. Knowledge and experience in web development is used when performing security assessments and vice versa. This enables us to look deeper into programming code, understand the semantics of programming languages and improvise with alternative methods and techniques during penetration tests. This makes our service stand out from others.

We recognize the importance of secure web applications and IT infrastructures and make this accessible to a broad audience. With our standard security packages and custom solutions, there is a suitable security test for every type of customer. Our clients (500+) are diverse and include municipalities, ministries, software suppliers, SMEs, and large commercial and (semi-)public organizations.

OSCPcissp logocisa logo

Certified IT security experts

Our experienced IT security experts have a proven track record of testing web applications and underlying systems. All our ethical hackers have a university degree and possess relevant certifications: CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), OSCP/PEN-200 (Offensive Security Certified Professional), OSWP/PEN-210 (Offensive Security Wireless Professional), OSWE/WEB-300 (Offensive Security Web Expert), and eCPPTv2 (eLearnSecurity Certified Professional Penetration Tester).

Over a decade of professional pentesting and ethical hacking merged with web development. Offering a wide range of web security services to custom-built products, we focus on secure, future-proof, and efficient solutions tailored to our customer's needs. We combine the best of both worlds in security and development with all our services and products.

Go to the DongIT website for more information.

DongIT on Dutch national television

Nieuwsuur, a Dutch public news programme, visited DongIT for an interview with ethical hacker Wouter van Dongen, after he demonstrated vulnerabilities in the web applications of Dutch municipalities.

Website DongIT


Our experience and expertise has led us to follow a very detailed and structured methodology based on the OWASP Testing Guide for performing Web Application Security Assessments and the ICT Security Guidelines for Web Applications of the National Cyber Security Centre (Dutch organization). This methodology provides a high level of assurance that all necessary areas of the application are tested and as many issues as possible are found.

Our researchers approach security assessments with a mindset and techniques of a hacker to find vulnerabilities and misconfigurations within applications. There is no better way to test web application security.


Research results are delivered in professional reports based on international standards and guidelines (OWASP Top 10/SANS). Our reports include security research findings and recommendations for resolving security issues and improving overall IT security. Reports can be customized to specific needs upon request.