1. For whom are the security services of Web Security Scan?
2. What is the difference between Web Security Scan and other service providers?
3. Why is your application/system a target?
4. Is my web application secure after performing a pentest?
5. How often do I have to perform a pentest?
6. How do you prepare for a pentest?
7. What information must be provided in advance for a pentest?
8. Why should I adjust SMTP settings for a pentest?
9. What is the lead time for a pentest?
10. How do you effectively perform a re-test?
11. What is the difference between a NCSC-report and OWASP Top 10-report?
12. Security testing with or without prior knowledge?
13. What are the advantages of manual testing methods?
14. The acceptation-/test environment is running on the same server as the production environment. Is this a problem?
15. Why are security tests preferably executed on the acceptance/test environment?
16. Why should I whitelist IP-addresses for IPS, IDS and rate-limiting systems during a pentest?
17. What are the advantages of using the scan sensor?
18. Does Web Security Scan offer support for taking extra security measures?
19. Does Web Security Scan offer support to fix security issues in the code?