Our goal is to find technical risks and vulnerabilities in the target systems.
If you observe attacks during the test period, you can use our IP address to check whether these attacks originate from us. Our source IP address is 184.108.40.206.
In order to use our time frame as efficiently as possible, we recommend a regular
informal exchanges during testing and a spirit of partnership
(such as providing test users and access, or - at our explicit request - the deactivation of certain security measures).
We will report serious vulnerabilities to you verbally as soon as possible and during the testing period.
We ask you not to fix vulnerabilities during the testing period without consulting us. This makes testing more difficult and reduces the efficiency and quality of our testing.
If you have purchased directly from us, we will retest fixed vulnerabilities once within eight weeks free of charge. This way you can later be sure that the fixes are effective.
Any internal information provided to us and our findings from the tests are
confidential and will of course not be passed on to third parties.