1. Who are our pentesting services intended for?
2. What's the difference between us and other service providers?
3. Why is my application/system a target for hackers?
4. Is my application secure after performing a pentest?
5. What is the difference between black-box, grey-box and white-box pentesting?
6. How do you prepare for a pentest?
7. What is the best timing to perform a pentest?
8. What is the lead time for a pentest?
9. How often do I have to perform a pentest?
10. What information must be provided in advance for a pentest?
11. What is the difference between an OWASP Top 10 and NCSC report?
12. What are the advantages of manual testing methods?
13. How do you effectively perform a retest?
14. Why are pentest preferably executed on the acceptance/test environment?
15. The acceptation-/test environment is running on the same server as the production environment. Is this a problem?
16. Why should I whitelist IP-addresses for IPS, IDS and rate-limiting systems during a pentest?
17. Why should I adjust SMTP settings for a pentest?
18. Can I get support for fixing security issues in the source code?
19. What are the advantages of using the scan sensor?