Nederlands
From Web Development to Cybersecurity Experts
Web Security Scan is part of DongIT and has grown into a leading penetration testing company in Europe with a proven track record. In 2012, DongIT started as a web development company with a strong focus on security by design – developing secure and privacy-sensitive applications.
Those who understand how to build IT systems securely from the ground up also know how to effectively and thoroughly test them for vulnerabilities. Security starts at the code and configuration level. In response to a growing demand within DongIT for penetration testing with this unique perspective, Web Security Scan was founded with the mission of making high-quality pentesting services accessible to organizations of all sizes.
Our approach combines advanced testing methodologies with technical depth: we analyze systems down to code level, uncovering vulnerabilities that others overlook. Governments, software vendors, and businesses across various sectors trust our expertise to strengthen their digital resilience.
Want to know how secure your IT environment really is? Contact us for a tailored penetration test.
Guaranteed Quality – CCV Pentest Certification and ISO 27001
DongIT is certified under the CCV Pentest Certification, the Dutch standard for high-quality penetration testing. This certification guarantees that our methods meet the highest standards for quality, integrity, and transparency.
- Certified penetration testers holding OSCP, OSED, CRTO, CISSP, CISA, and more
- Comprehensive and realistic penetration tests based on internationally recognized methodologies
- Full compliance with cybersecurity laws and regulations
This certification ensures that organizations receive a trustworthy, independent, and effective security audit. In addition, DongIT is ISO 27001 certified, meaning our information security management system is independently assessed against international standards (ISO/IEC 27001:2022).
Certified IT-Security Experts
Our ethical hackers are among the most highly qualified professionals in the Netherlands. They hold extensive hands-on experience and internationally recognized cybersecurity certifications, including:
- OSCP – Offensive Security Certified Professional
- OSWE – Offensive Security Web Expert
- OSEP – Offensive Security Experienced Pentester
- OSED – Offensive Security Exploit Developer
- CRTO – Certified Red Team Operator
- CISSP – Certified Information Systems Security Professional
- CISA – Certified Information Systems Auditor
- eCPPTv2 – eLearnSecurity Certified Professional Penetration Tester
By combining deep technical expertise with real-world experience, we don’t just identify vulnerabilities—we provide practical solutions to mitigate risks effectively.
Our Expertise in the Media
Our security experts regularly share their knowledge and research in the media. For example, Nieuwsuur, a leading Dutch investigative news show, interviewed DongIT about vulnerabilities in the security of web applications used by dozens of municipalities.
Why Choose DongIT?
- In-depth technical expertise – We go beyond surface-level testing. Our specialists assess security at the architecture, configuration, and code level, uncovering risks that are often missed by standard assessments.
- Certified security professionals – Our work is performed by experienced ethical hackers and security consultants with recognized, top-tier certifications. They combine current threat intelligence with real-world experience to deliver reliable and relevant results.
- Tailored solutions & compliance-focused – Every organization is different. We align our security assessments with your IT environment, business processes, and regulatory requirements, including frameworks such as NIS2 and ISO 27001. No generic reports, only actionable advice.
- CCV-certified and independent – DongIT is CCV-certified, providing independent quality assurance and a transparent testing methodology you can trust.
- Action-oriented reporting – Our reports are clear, structured, and usable for both technical teams and management, including risk ratings, prioritization, and concrete remediation guidance.
- A long-term security partner – We go beyond delivering a report. Where needed, we support re-testing, remediation programs, secure development, and strategic security advice, helping you sustainably strengthen your security posture.
Ready to enhance your organization's cybersecurity? Get in touch for a free consultation and discover how we can help strengthen your security posture.
