penetration
testing

We assess your AWS infrastructure and give you hands-on resolution consultation

drop us a line
What is Penetration Testing?

An A&B security specialist takes over the role of an attacker (ethical hacker) to compromise customers infrastructure and/or application.

By targeting OWASP Top 10 application security risks, Alice&Bob.Company’s experienced penetration testers carry out Pentesting by documenting key findings and and mitigation recommendations as well as criticality of the findings to improve security posture.

A&B takes the role of an ethical hacker to gain additional security insights

APPROACH – HOW WE DO IT

Focused penetration testing

After defining a narrow test scope, we will conduct reconnaissance to determine the attack surface of your deployed AWS infrastructure, software and services.

An automated penetration test will determine whether the customers infrastructure is subject to known vulnerabilities, outdated security standards and is affected by common and service specific weaknesses. In the second test stage, manual penetration is performed to also discover application specific and previously unknown vulnerabilities.

The resulting presentation will provide you with key findings and explanations on how identified vulnerabilities should be mitigated.

Moreover, we will provide a list of vulnerabilities incl. resolution effort, ciritcality and a brief resolution description. This gives you a holistic overview of your current security posture.

YOUR BENEFITS
  • Gain a realistic view on your applications' and services' attack surface from the perspective of an ethical hacker
  • A list of findings, prioritized and provided with a simple effort estimate
  • Discover how susceptible your applications and services are to external threat actors
  • Learn how to mitigate identified security vulnerabilities
drop us a line

Our teams had very productive collaborations with Alice&Bob. They validated and improved our architecture and design decisions, with a strong perspective on security.
I really appreciate their in-depth technical knowledge and experience, combined with their passionate 'can-do-attitude'.

Dennis Winter
Deputy VP TechOps, solarisBank

OTHER PRODUCTS IN 02 warm-up

SECURITY ASSESSMENT

Get a detailed overview of your cloud architecture, with identified vulnerabilities and misconfigurations. You will also receive defined clear steps to fix and improve you overall security posture.

Read More
THREAT MODELING WORKSHOP

Use this threat and risk based methodology to
identify and evaluate threats to your
digital product. We conduct an agile threat modeling workshop and help you to leverage the outcomes for your product development lifecycle.

Read More
gdpr Workshop

This offer includes a training of the management team and product team in GDPR on AWS. Get insights of necessary transformations of your AWS infrastructure into a GDPR compliant state.

Read More

01 health-check

AWS certified architect challenges your platform setup in a brief mutual discussion.
view more

02 warm-up

Deep dive on your individual platform, either risk or best practice based: threat mod- eling workshop, security assess- ment or well architected review.
view more

03 launch

Platform improvement due to individually defined project work (AWS Security portfolio, Shift Left, Continuous Security, Automated Auditing).
view more

04 continuous improvement

Iterative proactive managed security services or consulting solutions.
view more