Explanation about: ‘what kind of pentesting’:

There are three different ways to do a penetration test:

1. White box testing: a lot of information is given to the pen tester in advance, such as passwords, the used soft- and hardware and test accounts and also account data.
2. Gray box testing: some of the information is known
3. Black box testing: the ‘hacker’ (the BSM employee) knows nothing in advance except the name of a company or website to be tested.

(This distinction should not be confused with black-, gray- and white-hat hacking, see the explanation below)

The advantages and disadvantages of the different pen test variants:

The advantage of white box testing is that testing can take place faster and therefore cheaper because we receive data provided by you. The tests don’t work like a real hack attack, but they do provide a lot of information about the security status of the system.

The advantage of Black box testing is the simulation of a real hack attack. The disadvantage of black box testing is that it takes much more time.

An intermediate variant of penetration testing is grey box testing: the ‘white hat hacker’ who does the pen test has limited information about the hardware and software, but does not have usernames and passwords.

Do you have any questions or remarks regarding the application for a penetration test?

Of course you can also call or email us for more information.
We realize that not everyone has the knowledge to know exactly which pentest is most useful in their specific situation. We like to think together with you about solutions and we like to explain the possibilities.

Feel free to contact us if you need a conversation?