FAQ

Frequently Asked Questions

When was the company founded?
Kalweit ITS GmbH (formerly Kalweit ITS Consulting) was founded by our managing director Philipp Kalweit in 2017, when our founder was not even an adult. In the same year, he received his full legal capacity from the regional district court.

Kalweit ITS GmbH is Germany's only limited liability company founded by a minor.
 What happens to our data?
Kalweit ITS GmbH is aware of its responsibility. Your data will be stored in accordance with the highest security standards. One of our standards is to seal customer relationships with a non-disclosure agreement.
How is sensitive information treated? 
Kalweit ITS GmbH undertakes to maintain absolute confidentiality, which includes all types of customer data. We guarantee this in a mutual non-disclosure agreement. After successful processing of our collaborations, all data or data carriers are destroyed or returned to the customer. But also during our cooperations we guarantee you the highest standards of data security. We use the latest encryption technologies, crypto hardware and store your customer data - if at all - only on multiple secured hardware.

Furthermore, we assure you that we will only process your confidential information within the scope of our contractual relationship and will not use it for commercial or private purposes.
Is the Kalweit ITS GmbH independent?
As a professional security service provider, we only offer you security-focused services. We do not sell any specific products by other manufacturers and therefore we do not have cooperations with other (security) service providers, so that our independence and objectivity can be guaranteed in any case.
How does a penetration test work?
A penetration test runs through six steps by default:

- Initial interview
- Conversation with all parties involved
- Execution - Documentation
- Risk assessment
- Presentation of the results

During the first meeting we get to know you and your company better. This includes your business processes, making it easier to dedicate attack vectors relevant to your company.

In the second round of talks, we discuss the further steps to be taken together with all decision-makers. The method of penetration testing to be used is specified more precisely. Possible "prejudices", concerns and especially the relevance and necessity of such a revision can also be discussed in detail. Within the scope of the penetration test, possible attack vectors are dedicated, identified and their relevance and priority for your daily business processes are worked out, and we present the results to you. Weak points discovered during this process are not only explained theoretically, but also explained and visualized in a detailed and understandable way. A written presentation will also be provided.

In a further step, recommendations for action can be made. In any case, however, a security concept is worked out which shows proactive solutions for improving IT security. If desired, a final inspection is also possible.
What are the costs of a project?
Generally, a project order depends on three factors:
The time resource, the financial resource and the relevance.

The time expenditure can only be roughly narrowed down. It differs due to the different IT infrastructures and the diverse requirements. In any case, it ranges from a few days to a maximum of four weeks. The financial resource is determined by the client. In principle, however, it can be stated that a short examination in comparison to no examination at all is always worth it.

The relevance depends on the given IT infrastructure and the individual customer requirements.

In a free of charge and non-binding initial consultation, we will narrow down the three factors mentioned above further and offer you an individual range of services.
What is PGP?
PGP (Pretty Good Privacy) is a program standard that has become well established in practice. It is useful for the encryption and signing of data.

PGP is a standard we have set in our company for email communication. It guarantees the protection of your personal data and should be used in any case when contacting us via e-mail. A tutorial on using PGP can be found here:

http://www.bitcoinnotbombs.com/beginners-guide-to-pgp/
What infrastructure does Kalweit ITS GmbH test?
As a security consulting firm, we advise and audit any kind of IT infrastructure. It makes no difference whether we are talking about software solutions or server infrastructure. We provide you with a competent consultant for every topic.
Can our systems fail during a penetration test? 
Kalweit ITS GmbH simulates hacker attacks, but does not act one hundred percent like an attacker. Thus we penetrate your IT infrastructure, but evaluate possible actions in any case. A lively exchange with a local contact person on site is not only desirable, but in any case a standard.

As a security service provider, we are aware of our responsibility and want to avoid - in our cooperation with the customer - a limitation or failure of daily business processes in any case.
What references can Kalweit ITS GmbH provide?
Our customers appreciate our awareness of confidentiality and discretion. For this reason, we therefore cannot provide you with precise references.

Thank you for your understanding.
By accessing this site, you consent to the use of cookies in accordance with our Privacy Policy. Additional information