Skip to main content

Is your company or your product protected against hacker attacks?

With our penetration testing services we help you identify security vulnerabilities in your IT and OT environment and provide guidance on how to close them.

It feels like not a single day goes by without bad news being published regarding ransomware attacks, exploited vulnerabilities, data breaches or other security incidents. Consequently, the fear of companies and organizations becoming the next victim drastically increased. In addition, nowadays systems and environments get more and more complex, interconnected and organizations and companies often struggle to properly assess their implementations from a security perspective, or they require an objective and independent analysis. Questions such as adequacy of exposed attack surfaces, effectiveness of security controls or impact of security control failures often remain unanswered.

A penetration test is often the right tool to answer these questions. By identifying vulnerabilities and recommending measures for remediation it ultimately allows establishing confidence into the security of a system, environment or product.

Identifiying vulnerabilities and risks

Providing guidance for mitigation

A penetration test creates value, not pain!​


Goals & Benefits

Identify vulnerabilities

Security vulnerabilities are detected using real world attack patterns by our experienced experts

Preventing Financial Losses

Preventing financial losses due to impact on the classic security pillars confidentiality, integrity and availability

Due Diligence

Demonstration of due diligence to all types of stake holders

Provide guidance

What to fix, and when and how to fix it
Reporting of identified vulnerabilities including ratings, user friendly descriptions and possible mitigations

Meeting Regulations & Standards

Compliance is a by-product of good security. Penetration testing provides compliance with regulations and standards


Protecting from reputational damages

Our Penetration Testing Services

Limes Security offers a range of penetration testing services to meet your needs.

Can’t find what you’re looking for?

Reach out to our team and learn about our custom services.

OT Penetration Testing

An OT penetration test is conducted to identify possible vulnerabilities of complex networks or systems, e.g. railway vehicles, cardiac pacemakers or industrial control systems (ICS / PLCs). OT systems are subject to special requirements. A comprehensive analysis of the intended use enables the development of individual attack scenarios. Penetration testing of OT components provides assurance that they fit into traditional OT environments without adding threats and risks or negatively affect safety controls.

IoT Penetration Testing

With an IoT Penetration Test we discover & identify risks before your device goes to market. An IoT Penetration Test addresses specific security aspects of the device based on the current state of its lifecycle, expected use and existing security hardening measures. Considering the specific requirements, the goal is to assess the effectiveness of security controls on the different layers of components: hardware platform, software platform, communication components and interfaces as well as user space applications.

Icon IoT
Icon Web

Web Application Penetration Testing

The effectiveness of application security controls is assessed in order to provide assurance on the resilience of an application against typical threats and attackers. The penetration test is performed on the basis of relevant Open Web Application Security Project (OWASP) procedures and methods. In addition, individual tests specific to the application at hand will be defined, executed and evaluated.

Mobile Application Penetration Testing

The platform for mobile applications, the mobile devices, cannot always be considered as trusted and secure devices. Therefore, each mobile application needs to provide measures to safeguard information and data at rest, during processing as well as during transmission to webservice endpoints. A mobile application penetration test reveals vulnerabilities in these areas and identifies appropriate remediations to mitigate associated risks. Limes Security follows the OWASP Mobile Security Testing Guide.

Icon Mobile
Icon Red Teaming

Red Teaming

Red Teaming refers to a realistic security evaluation by involving processes, people​​ and physical security testing instead of testing technical security controls only.
Dedicated scenarios and approaches are planned in order to act like real-world attackers. While the details are aligned with a small informed group (white team), the intent is to assess the security controls and counter measures by the system under test as well as the the activities of the defending operators and individuals (blue team). Therefore, red teaming focuses on responses rather than on vulnerabilities as a penetration test usually does.

Infrastructure Penetration Testing

An infrastructure penetration test identifies vulnerabilities within the systems and network of an environment and demonstrates the possible impact of an attack. The assessment verifies if the security controls in place are effective and adequately meet a system’s security requirements with respect to CIA. The testing process includes a mixture of automated and manual tests to find and exploit vulnerabilities in the targets infrastructure. The specific test cases vary depending on the scenario and associated authorizations, but vulnerabilities identified in the process can typically be grouped into the following categories:

  • Authentication and authorization issues
  • Security misconfigurations
  • Outdated software/components with known vulnerabilities
  • Information Disclosure
  • Inadequate network segmentation
  • Missing security management & processes
Icon Infrastructure

Phases of a Penetration Test

Every Penetration Test at Limes Security starts with a thorough onboarding process, where organziational topics (non-disclosure agreements, secure data exchange, …) are discussed and clarified. During this process, as well as throughout the complete customer relationship and related projects, strict data classification and data handling rules are followed especially regarding the need-to-know and least-privilege principles in relation to the information obtained in projects. In a kick-off meeting project specific organizational and technical matters are addressed.

The actual Penetration Test consists of the following assessment phases:


Information Gathering

Primary objective of the first assessment phase is to obtain all relevant information, to identify a subject’s or environment’s attack surface and applicable threats as well as to define a detailed plan on the actual assessment steps considering the assessment objectives.

Vulnerability Analysis

The goal of that phase is to identify weaknesses and flaws in systems, components or procedures that may be misused by attackers and may have an impact on operation or the underlying data, especially on its confidentiality, integrity and availability. By balancing the assessment breadth and depth considering the assigned resources and following a risk-based approach, the aim is to identify all relevant vulnerabilities.


Evaluation of vulnerabilities serves two main purposes. On the one hand the quality of results is verified by ensuring tools were properly configured and produced complete and reasonable results. On the other hand, different vulnerabilities and information produced by multiple tools and techniques are placed into the same context, prioritized and rated. This enables an iterative process in which compiled information may be relevant to identify further vulnerabilities.

Exploitation and Post-Exploitation

Exploitation and Post-Exploitation allow demonstrating the impact of activities of real-world adversaries such as escalation of privileges, extraction of sensitive information or potential impact on critical business processes. As new attack opportunities may be identified as a result of that phase, another vulnerability analysis phase may be required to be initiated, which is another indication of the iterativeness of the overall process.


The assessment report contains an executive summary, outlining overall risk posture of the environment as well as key findings, a summary of the environment in scope, a description of the assessment methodology and the assessment work conducted and a detailed list of findings and recommendations.


Does a penetration test have negative side effects on the system in scope?

Usually not, but by its very nature, it cannot be completely ruled out. Therefore, penetration testing is ideally performed in a non-productive but equivalent environment to completely mitigate the risk of any interferences. In reality this is not always possible, and the Limes Experts are used to operate in productive environments. The residual risks are compensated by appropriate planning, a transparent assessment approach and a focus on communication with clients.

Does a penetration test proof that a system is secure?

The result of penetration test reveals the weaknesses that could be identified and exploited based on defined and assigned resources. By applying a risk-based approach, the respective technical results are only valid for a given point in time. Therefore, Limes Security maps revealed technical weaknesses to the relevant supporting process that has failed or has been insufficiently applied. This enables addressing the weaknesses on a higher level too and therefore encourages sustainable security.

What is the difference to a vulnerability scan?

We sometimes observe that there is a misconception between penetration testing and vulnerability scanning. This can culminate in a vulnerability scan being sold as a penetration test, which it is definitely not. While vulnerability scanning is usually an automated process and part of an initial phase in penetration testing, penetration testing also actively involves manual testing steps of experienced experts. This is required to establish a common context of different vulnerabilities as well as to cover vulnerability categories that cannot be detected by automated scanning at all.

When is the best time for a penetration test?

Ideally, penetration testing is carried out in parallel to the whole system or component life cycle with a different focus at each phase. Besides, the most important times for a penetration test are prior go-live/release as well as after undergoing major changes.