Need a penetration test?Direct contact with our security specialists

In a market full of generic promises, we test your systems with the knowledge of engineers who grew up between patch panels and server rooms.

Schedule an introduction Direct contact: +31 20 716 5487

ISO 27001

ISO 9001

Cyberveilig NL

Your IT infrastructure tested by engineers who know systems from both the inside and the outside.

We understand the gap between security on paper and the real-world complexity of IT landscapes. Having Neo Security perform a penetration test? We understand your context and deliver quality.

What is a penetration test?

A penetration test simulates a targeted cyber attack on your IT systems at the network and/or application layer. A pentest is carried out by ethical hackers who use the same tools and techniques as real attackers.

Where many providers stop at automated scans, we think like attackers. We bring years of experience in designing and managing Active Directory environments, complex networks and critical infrastructure. This hands-on experience is what makes the difference between simple checks and real security research.

The goal of a penetration test: our attack becomes your defence

A penetration test gives you insight into your actual security posture. You receive a clear overview of risks, ranked by business impact. In addition, a pentest provides your IT team with valuable security insights that can be applied directly in the development and design of systems.

Welke soorten pentests zijn er?

Afhankelijk van uw situatie en doelstellingen kiezen we de juiste testaanpak

Black Box Testing

We carry out the attack without any prior knowledge, just as an external hacker would. We attempt to gain a foothold and then move further into the environment.

Grey Box Testing

We simulate the most realistic scenario in which an attacker has already obtained some level of access and then tries to escalate to higher privileges.

White Box Testing

With full access to source code and documentation, we analyse all potential vulnerabilities from the inside out.

Crystal Box Testing

Real-time collaboration between our testers and your development team. We share findings directly while testing.

Wat kunnen wij testen?

Technical Penetration Testing

Network Infrastructure

We test both internal and external network infrastructure, including lateral movement, privilege escalation and network segmentation.

Web Applications

In-depth testing of your critical applications and business logic based on the OWASP ASVS framework.

APIs & Microservices

We test REST, GraphQL, SOAP and Firebase APIs for authentication, authorization and business logic flaws.

Cloud Infrastructure

Multi-cloud environments (AWS, Azure, GCP) with a focus on IAM misconfigurations and container security.

Mobile Applications

End-to-end security testing of iOS and Android apps, including backend APIs and platform-specific vulnerabilities.

Specialised Assessments

OT/SCADA Systems

Industrial control systems testing with full preservation of operational continuity.

DigiD Assessments

Annual DigiD assessment according to Normenkader 3.0, including assurance reporting for Logius.

Physical Security Testing

Physical security assessments of buildings, access control and social engineering resistance.

Social Engineering Testing

Simulations of phishing, vishing and pretexting attacks to test your human firewall.

Compliance-driven pentests (NEN 7510, ISO 27001, BIO, PCI-DSS)

NEN 7510 Pentest (healthcare organisations)

NEN 7510 penetration tests help demonstrate that your healthcare organisation meets the highest requirements for securing medical and patient data.

ISO 27001 Pentest (quality assurance)

Our ISO 27001 penetration tests validate your ISMS in practice and support (re)certification and continuous improvement of your security measures.

BIO Pentest (government bodies)

Supports compliance with the Baseline Informatiebeveiliging Overheid (BIO) and protects sensitive government information against misuse and data breaches.

PCI-DSS Pentest (financial institutions)

PCI-DSS penetration tests evaluate your environment against the Payment Card Industry Data Security Standard and protect cardholder and transaction data.

Waarom u op ons kunt vertrouwen

Tailored engagements

Your organisation is unique. That is why you receive a pentest methodology tailored to your specific situation.

Engineering background

With many years of hands-on experience in complex IT environments, we know exactly where administrators tend to make mistakes.

Business context

We analyse not only what can go wrong, but also the impact on your day-to-day operations and revenue.

Real solutions

Clear steps from root cause to concrete actions. Need help implementing them? We are always within reach.

Free retest

Have you implemented our recommendations? We will then test free of charge whether the vulnerabilities have been properly resolved.

No-obligation consultation and proposal

Curious what a penetration test can do for your organisation? We always start with a no-obligation conversation to discuss your specific situation and requirements. There is no commitment, and you immediately receive valuable advice.

Start Security Test