Frequently Asked Questions
- For whom are the security services of Web Security Scan?
- What is the difference between Web Security Scan and other service providers?
- Why is your application/system a target?
- Is my web application secure after performing a pentest?
- How often do I have to perform a pentest?
- How do you prepare for a pentest?
- What information must be provided in advance for a pentest?
- Why should I adjust SMTP settings for a pentest?
- What is the lead time for a pentest?
- How do you effectively perform a re-test?
- What is the difference between a NCSC-report and OWASP Top 10-report?
- Security testing with or without prior knowledge?
- What are the advantages of manual testing methods?
- The acceptation-/test environment is running on the same server as the production environment. Is this a problem?
- Why are security tests preferably executed on the acceptance/test environment?
- Why should I whitelist IP-addresses for IPS, IDS and rate-limiting systems during a pentest?
- What are the advantages of using the scan sensor?
- Does Web Security Scan offer support for taking extra security measures?
- Does Web Security Scan offer support to fix security issues in the code?