In the course of digitization and digital change, the client is rethinking. The client wants to open up and offer his customers new communication channels.

For this purpose, the security gaps in business applications and processes and the underlying backends, including their interfaces, should be regularly determined, weak points identified and potential threats better assessed. Security gaps and risks must be identified and rectified at an early stage in order to avoid malicious attacks by third parties or unlawful access to data.

The security of business applications and processes must be optimized accordingly, protective mechanisms prioritized and the reaction mechanisms tested.

On the basis of the information and access provided, security gaps in the individual systems and possible solutions for IT security are to be identified.

Without knowledge of the IT infrastructure, the systems are to be attacked and possible solutions for IT security are shown.

Planned and targeted attacks are to be carried out in order to check the employees of BKK Mobil Oil for their information security behavior in the classic IT environment. Measures taken so far to defend against social engineering attacks are to be checked and optimized, and future measures are to be proposed.

Implementation of an architectural security and attack vector analysis as well as process analysis. Furthermore, a threat and weak point analysis is to be offered for the identification and evaluation of attack scenarios.

The contractor must be available as part of an emergency support in the event of hacker attacks to close the security gaps.