Zerberos is a team of security experts with headquarters in Zurich / Switzerland, operating worldwide. All members of the team have vast experience and extensive know-how in the field of network and application security. Zerberos is independent of manufacturers and providers and, as part of its work, follows the ethical principles of honesty, transparency and … Read more
Largely automated scans of your website and server infrastructure give an initial insight into your network and the security status of web servers and web applications. The benefit you derive from a Vulnerability Scan by Zerberos is the interpretation of results by us following the scan; using our experience of more than 20 years as Penetration Testers … Read more
A security analysis is part of the company’s or organization’s security management. A penetration test covers the empirical and technical part of the security analysis. Additional analysis of the processes is carried out through discussions, documents and process analysis. The purpose of security analysis is to detect threats, to estimate the probability of entry and … Read more
The goal of a Red Team attack is not so much a structured assessment, as it is a pragmatic evidence that security holes exist at all; so only the most serious vulnerabilities should be found, exploited and documented. This often serves as the basis for further measures, like structured penetration testing of web applications, external … Read more
Phishing mails are among the most frequent (and most effective) methods of attack today. In a phishing simulation, we send phishing mails specifically customized to your requirements to the list of mail addresses provided by you (in most cases employees of a company or organization). The individual scenarios (mail content, attachments, link, landing page etc.) … Read more
A modern web application features a large number of components that can have vulnerabilities and thus there can also be quite many attack vectors for the attacker. The OWASP Top Ten are useful as a guideline for the individual tests to be performed; the list of the possible vulnerabilities that we check in a web … Read more
In a Penetration Test or Pentest, we perform a comprehensive security test of all the relevant components of your network, devices and services. The structures that we test vary greatly, and so do our approaches by which we perform the test; but for a comprehensive security test, the following procedure has proved to be the … Read more
Mobile apps are fraught with various security risks on the mobile device itself, on the one hand, and on the back-end infrastructure, on the other hand. Moreover, mobile apps are often created for various end devices, sometimes even those based on different frameworks, so the individual versions can be significantly different. All such versions mostly … Read more
An internal penetration test or pentest checks that part of the network not accessible from public networks for security vulnerabilities. This can refer to complete company networks or parts of them. Even though the network is not accessible from outside, configuration errors can lead to serious problems. For example, employees can view data that should … Read more
GDPR (General Data Protection Regulation) requires an assessment of apps and critical network infrastructure to detect security lacunae. Similarly, implemented security controls should be checked for their effectiveness. Regular vulnerability scans ensure that vulnerabilities are detected at the earliest opportunity and can be eliminated as quickly as possible. The frequency for most networks and goals … Read more