
Vulnerability Scanning

Find vulnerabilities.
Before attackers do.

Automated detection. Manual validation. Zero false positives. Results you can act on immediately.

ISO 27001 · NIS-2 compliant · 100% Germany

Sample scan result (scan-result.a7.de):

  • Critical (CVSS 9.1): CVE-2024-21762 - FortiOS Out-of-Bound Write
  • High (CVSS 7.5): Outdated OpenSSL version with known exploit
  • Medium (CVSS 5.3): TLS 1.0/1.1 active - downgrade attack possible
  • Validated: 3 findings confirmed, 14 false positives eliminated by expert review (AWARE7 validated)

Trusted by organisations across industries

70+ new CVEs published daily
0 false positives
24h to fixed-price quote
100% data processed in Germany

Why organisations need to act now

New vulnerabilities are published every day. Without regular scans, your attack surface grows unnoticed.

NIS-2 obligation since 2025

Approximately 30,000 organisations in Germany are affected. Article 21 NIS-2 mandates demonstrable vulnerability detection measures - fines of up to EUR 10 million apply for non-compliance.

70 new CVEs per day

Over 25,000 new vulnerabilities were published in 2025. What was secure yesterday may be exploitable today. Only regular scans keep you current.

USD 4.88M average breach cost

The global average cost of a data breach (IBM Cost of a Data Breach Report 2024). In Germany the figure is even higher at USD 5.31M. Proactive scanning costs a fraction of that.

Our approach

Scanner power + expert validation

Anyone can run a scanner. The difference lies in the interpretation: our certified experts validate every finding, eliminate false positives, and prioritise by real business risk.

                             DIY Tool     SaaS Scanner   AWARE7 Managed
Expert validation
False positive rate          30-70%       20-50%         0%
Remediation guidance         Generic      Template       Tailored
Risk prioritisation          CVSS only    CVSS only      CVSS + business risk
Compliance report                         Limited
Dedicated point of contact
Data processing              Local        US/Cloud       Germany

What we scan

From a single web application to your entire cloud infrastructure - we assess what you need to protect.

External infrastructure

Internet-facing systems: web servers, mail servers, VPN gateways, cloud resources, DNS configuration, exposed services.

  • Port scan & service identification
  • SSL/TLS configuration review
  • DNS enumeration & subdomain discovery

Internal infrastructure

Active Directory, network segmentation, internal servers and services, patch levels, configuration weaknesses.

  • AD configuration review
  • Patch level analysis
  • Network segmentation check

Web applications

OWASP Top 10, SSL/TLS, security headers, known CMS vulnerabilities, API endpoints, configuration errors.

  • OWASP-based assessment
  • Security header analysis
  • Known CVEs in frameworks

Cloud environments

AWS, Azure, GCP: IAM configuration, storage permissions, network security groups, container images, serverless functions.

  • IAM & permissions review
  • Storage misconfigurations
  • Container image scanning

What does a vulnerability scan cost?

Transparent pricing. Fixed-price quote in 24 hours.

One-time Scan

A snapshot of your current security posture.

from 1,500 EUR

  • Rapid overview of your security posture
  • Expert validation included
  • Ideal as a baseline before a pentest
  • Suitable as compliance evidence for auditors
Request a scan
Managed Scanning (Recommended)

Monthly or quarterly in the retainer model.

from 990 EUR/month

  • New CVEs checked against your systems immediately
  • Trend analysis and progress measurement
  • Meets NIS-2 and ISO 27001 requirements
  • Dedicated contact, priority support
Request managed scanning

All prices excl. VAT. Includes expert validation, management summary, and remediation recommendations.

Combine scan + pentest - save up to 20%

Regular scans as your continuous baseline, complemented by annual pentests. The ideal combination for lasting security.

Request combined pricing

What we typically find

Anonymised examples from real scan engagements

Critical CVSS 9.8

Unpatched Exchange Server - ProxyLogon (CVE-2021-26855)

Publicly accessible Exchange server without current security update. Remote code execution possible.

High CVSS 7.5

Outdated OpenSSL version with known memory leak

Web server running OpenSSL 1.1.1, which reached end-of-life in September 2023 and no longer receives security updates.

Medium CVSS 5.3

Missing security headers (HSTS, CSP, X-Frame-Options)

Web application does not set a Content-Security-Policy. Clickjacking and XSS attacks are facilitated.
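Shown here as an added example (written for this page, not AWARE7's scanner code): a small header check of the kind the "security header analysis" step performs, run offline over constructed HTTP responses. It reports the headers named in the finding above (HSTS, CSP, X-Frame-Options) plus X-Content-Type-Options, treats a CSP `frame-ancestors` directive as an acceptable replacement for X-Frame-Options, and flags a CSP that allows `'unsafe-inline'` scripts. The one-year HSTS threshold and the Low/Medium labels are assumptions for illustration; the sample responses are constructed, not captured from any real system.

```python
"""Security header analysis over captured HTTP responses (added example).

Illustrative code for this page, not AWARE7's tooling. Severity labels
and thresholds are assumptions; the sample responses are constructed.
"""
import re
from dataclasses import dataclass

ONE_YEAR = 31536000  # seconds; assumed minimum acceptable HSTS max-age
SEVERITY_RANK = {"Low": 1, "Medium": 2}


@dataclass
class Finding:
    header: str
    severity: str
    detail: str


def parse_response_headers(raw: str) -> dict[str, str]:
    """Return lower-cased header names -> values from a raw HTTP response.

    Repeated headers are joined with ', ' so nothing is silently dropped.
    """
    head = raw.split("\r\n\r\n", 1)[0]
    headers: dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" not in line:
            continue
        name, _, value = line.partition(":")
        key, value = name.strip().lower(), value.strip()
        headers[key] = f"{headers[key]}, {value}" if key in headers else value
    return headers


def parse_csp(value: str) -> dict[str, list[str]]:
    """Split a Content-Security-Policy value into {directive: [sources]}."""
    directives: dict[str, list[str]] = {}
    for part in value.split(";"):
        tokens = part.strip().split()
        if tokens:
            directives[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    return directives


def check_security_headers(headers: dict[str, str]) -> list[Finding]:
    """Evaluate one response's headers and return the weaknesses found."""
    findings: list[Finding] = []

    hsts = headers.get("strict-transport-security")
    if hsts is None:
        findings.append(Finding("Strict-Transport-Security", "Medium",
                                "missing; first visit can be downgraded to plaintext HTTP"))
    else:
        max_age = re.search(r"max-age=(\d+)", hsts)
        if max_age is None or int(max_age.group(1)) < ONE_YEAR:
            findings.append(Finding("Strict-Transport-Security", "Low",
                                    "max-age shorter than one year"))

    csp_raw = headers.get("content-security-policy")
    csp = parse_csp(csp_raw) if csp_raw else {}
    if not csp:
        findings.append(Finding("Content-Security-Policy", "Medium",
                                "missing; no browser-side mitigation against injected scripts"))
    else:
        # script-src falls back to default-src when not set explicitly.
        script_src = csp.get("script-src", csp.get("default-src", []))
        if "'unsafe-inline'" in script_src:
            findings.append(Finding("Content-Security-Policy", "Low",
                                    "script-src allows 'unsafe-inline', weakening XSS protection"))

    # CSP frame-ancestors supersedes X-Frame-Options; either one suffices.
    xfo = headers.get("x-frame-options", "").upper()
    if "frame-ancestors" not in csp and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(Finding("X-Frame-Options", "Medium",
                                "no X-Frame-Options or frame-ancestors; page can be framed (clickjacking)"))

    if headers.get("x-content-type-options", "").lower() != "nosniff":
        findings.append(Finding("X-Content-Type-Options", "Low",
                                "missing 'nosniff'; browsers may MIME-sniff responses"))
    return findings


def overall_severity(findings: list[Finding]) -> str:
    """Highest severity among the findings, or 'None' for a clean response."""
    if not findings:
        return "None"
    return max(findings, key=lambda f: SEVERITY_RANK[f.severity]).severity


# Constructed sample responses (not captured from any real system).
WEAK_RESPONSE = ("HTTP/1.1 200 OK\r\nServer: nginx\r\n"
                 "Content-Type: text/html; charset=utf-8\r\n\r\n<html></html>")
PARTIAL_RESPONSE = ("HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=86400\r\n"
                    "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; "
                    "frame-ancestors 'none'\r\nX-Content-Type-Options: nosniff\r\n\r\n")
HARDENED_RESPONSE = ("HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains\r\n"
                     "Content-Security-Policy: default-src 'self'; frame-ancestors 'none'\r\n"
                     "X-Content-Type-Options: nosniff\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("weak", WEAK_RESPONSE), ("partial", PARTIAL_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        found = check_security_headers(parse_response_headers(raw))
        print(f"{label}: overall {overall_severity(found)}")
        for f in found:
            print(f"  [{f.severity}] {f.header}: {f.detail}")
```

The weak response yields three Medium findings and one Low, the partially hardened one only two Low findings (short HSTS max-age and `'unsafe-inline'`), and the hardened response none; this is the kind of raw result that the validation step then weighs against business context before it reaches the report.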

Low CVSS 3.1

DNS zone transfer permitted on primary nameserver

Attackers can query the complete DNS zone structure, allowing enumeration of internal hostnames and IP addresses.

On average we find 8-15 validated vulnerabilities per scan - 2-4 of which are rated high or critical severity.

Sample document

Scan Report

See how we document vulnerabilities - with risk ratings and concrete remediation recommendations.

01 Management Summary
02 Validated findings with CVSS ratings
03 Prioritised remediation recommendations
04 Trend analysis (retainer model)

Request a sample scan report

See an anonymised vulnerability scan report showing how we document and prioritise findings - free and without obligation.

By submitting you agree to our Privacy Policy. No spam - only the requested report.

How secure is your infrastructure, really?

Free 30-minute call. Fixed-price quote in 24 hours.

Free · 30 minutes · No obligation

Vulnerability scan or penetration test?

Both methods have their place. The question is: which do you need right now?

Vulnerability Scan

  • Broad coverage across many systems
  • Fast results (3-5 business days)
  • Cost-effective for regular monitoring
  • Ideal for compliance evidence
  • Identifies known CVEs and misconfigurations

From EUR 1,500 one-time - from EUR 990/month

Penetration Test

  • In-depth assessment of specific systems
  • Finds logical flaws and business logic vulnerabilities
  • Active exploitation of vulnerabilities
  • Chains vulnerabilities into realistic attack paths
  • Reproducible proof-of-concepts

From EUR 5,000 - Learn about penetration testing

Our recommendation: Start with a vulnerability scan to establish your baseline. Then plan targeted penetration tests for your most critical systems. In a retainer, we combine both.

How a vulnerability scan works

From scope definition to validated report - in 5 steps.

01 Scope definition (Day 1)

Together we map your IT landscape: IP ranges, domains, cloud resources. External systems, internal infrastructure, or both?

02 Automated scan (Day 1-2)

Our enterprise-grade scanners assess your systems for known vulnerabilities (CVE), misconfigurations, outdated software, and exposed services.

03 Expert validation (Day 2-3)

Every finding is manually reviewed by our certified experts. False positives are eliminated. Risks are prioritised by CVSS score and business context.

04 Report & recommendations (Day 3-5)

A clear report with a management summary, technical findings, risk ratings, and prioritised remediation steps.

05 Debrief & next steps (Optional)

In the retainer model: regular repetition with trend analysis. You can see the progress of your security measures over time.

NIS-2 Obligation

Vulnerability management is no longer optional

Article 21 NIS-2 Directive requires approximately 30,000 organisations in Germany to implement measures for detecting and handling technical vulnerabilities. ISO 27001:2022 (Annex A.8.8) mandates the same. Without documented evidence, fines of up to EUR 10 million or 2% of global annual turnover apply. Directors bear personal liability under NIS-2.

Our scan reports are designed as compliance evidence for NIS-2, ISO 27001, and NIST CSF

Regular scans document due diligence obligations - required evidence in audits and regulatory reviews

Trend reports in the retainer model demonstrate continuous improvement - exactly what auditors expect

Why AWARE7 for your vulnerability scan

What sets us apart from other providers

Pure awareness platforms do not test any systems. Pure consulting corporations are too far removed. AWARE7 combines both: we hack your infrastructure and train your employees - tailored to mid-sized businesses, personal, without enterprise overhead.

Research and teaching as our foundation

Around 20% of our revenue comes from research projects for the BSI and the BMBF. Our studies analyse millions of websites and tens of thousands of phishing e-mails - published at ACM and Springer conferences. Three of our executives are also professors at German universities.

Digital sovereignty - no compromises

All data is stored and processed exclusively in Germany - without US cloud providers. No freelancers, no subcontractors in the value chain. All staff are regular employees subject to social insurance and bound by uniform legal obligations. VS-NfD compliant on request.

Fixed price in 24h - predictable project timelines

Within 24 hours you receive a binding fixed-price quote - no hourly-rate risk, no additional charges, no surprises. Thanks to a well-practised team and standardised processes, you get a clear schedule with a defined start and end date.

Your dedicated point of contact - reachable at any time

A personal project manager accompanies you from the initial call to the re-test. You book appointments directly with your contact - no ticket systems, no call centre, no switching between changing consultants. Continuity builds trust.

Who are we the right partner for?

Mid-sized businesses with 50-2,000 employees

Companies that need real security - without paying for a DAX-corporation service provider. Fixed price, clear scope, one point of contact.

IT managers & CISOs

Who need to make a convincing case internally - and therefore need a report written in board-level language, not just technical findings.

Regulated industries

KRITIS, healthcare, financial services: NIS-2, ISO 27001, DORA - we know the requirements and deliver evidence that auditors accept.

Contributions to industry standards

OWASP · 2023

OWASP Top 10 for Large Language Models

Prof. Dr. Matteo Große-Kampmann as a contributor in the core team of the internationally recognised OWASP LLM security standard.

BSI · Alliance for Cyber Security

Management von Cyber-Risiken (Management of Cyber Risks)

Prof. Dr. Matteo Große-Kampmann as a contributor to the official BSI handbook for company management (German version).

Security is also social responsibility

AWARE7 is committed beyond day-to-day business: as the founder of a scholarship at Ruhr University Bochum, we support the next generation of cybersecurity professionals. We are a member of the BSI Alliance for Cyber Security and train our own specialists. Our R&D certificate confirms our commitment to cybersecurity research and innovation.

Learn more about AWARE7

Frequently asked questions about vulnerability scanning

A vulnerability scan is a systematic, tool-assisted assessment of your IT systems for known weaknesses. Unlike a penetration test, vulnerabilities are identified but not actively exploited. It is the most efficient way to gain a comprehensive overview of your security posture. At AWARE7, every automated scan is combined with manual expert validation to eliminate false positives and deliver results you can act on immediately.

A vulnerability scan identifies known weaknesses (CVEs, misconfigurations, outdated software) using automated tools and is faster and more cost-effective than a pentest. A penetration test goes further: our experts actively exploit vulnerabilities, chain them into attack paths, and find logical flaws that no scanner can detect. The ideal approach is a combination: regular scans as a continuous baseline, complemented by annual pentests for in-depth analysis.

Pure scanning tools such as Nessus, Qualys, or OpenVAS deliver raw data with 30-70% false positives. At AWARE7, a certified expert (OSCP, T.I.S.P.) manually validates every finding, prioritises by actual business risk, and provides concrete remediation guidance. You receive a report you can act on immediately - not a 200-page CSV file.

We recommend scanning at minimum quarterly. For NIS-2-affected organisations and critical infrastructure operators, monthly scanning is standard. Approximately 70 new CVEs are published every day - without regular scans, your attack surface grows unnoticed. In the retainer model, we scan automatically and provide trend analyses that demonstrate the progress of your security measures.

Yes. We offer both external scans (internet-facing systems such as web servers, mail servers, VPN gateways, cloud resources) and internal scans (network infrastructure, Active Directory, internal servers and services). For internal scans we deploy a scan appliance on-site or use your VPN access.

One-time scans start from EUR 1,500 for small infrastructures (up to approx. 50 IP addresses). In the retainer model (monthly or quarterly), pricing starts from EUR 990/month including expert validation and trend reporting. We provide an individual fixed-price quote within 24 hours based on your scope.

As a rule, no. Modern vulnerability scanners are designed not to disrupt production systems. We agree the scan window with you in advance and can adjust scan intensity to suit your environment. On request we scan outside business hours. Destructive tests (DoS checks) are only conducted upon explicit authorisation and in isolated test environments.

Yes. NIS-2 (Article 21 of the NIS-2 Directive) requires affected organisations to implement measures for risk analysis and the security of information systems. Regular vulnerability scans are the operational foundation of this requirement. ISO 27001:2022 (Annex A.8.8) and DORA also explicitly mandate the management of technical vulnerabilities. Our reports are structured to serve as compliance evidence for auditors.

Regular vulnerability scans support compliance with: NIS-2 (Article 21), ISO 27001:2022 (Annex A.8.8 - Management of Technical Vulnerabilities), NIST CSF 2.0 (ID.RA, DE.CM), PCI DSS (Requirement 11.2), DORA (Articles 24-27), TISAX (ISA 5.2.6), and SOC 2 (Availability, Confidentiality). Our reports are structured so they can be submitted directly as evidence in audits.

Yes. All scan data, results, and reports are processed and stored exclusively on our own infrastructure in Germany. No cloud provider, no data centre outside Germany. AWARE7 is itself ISO 27001:2022 certified and subject to German data protection law. Your vulnerability data does not leave Germany.

Three steps to your vulnerability scan

No lengthy procurement process. You speak with us - and we get started.

1. Initial consultation

30 minutes, free of charge. We define scope, systems, and timeline.

2. Fixed-price quote in 24h

Binding, transparent, no hidden costs. You decide at your own pace.

3. Scan begins

We scan, validate, and deliver your report with prioritised remediation recommendations.

ISO 27001:2022
ISO 9001:2015
BSI Alliance for Cyber Security
OSCP · T.I.S.P. · CEH
100% Germany

Ready to take the next step?

Regular vulnerability scanning is the foundation of every security strategy. Start today.

Free · 30 minutes · No obligation