During our pentests

• Our goal is to find technical risks and vulnerabilities in the target systems.
• If you observe attacks during the test period, you can use our IP address to check whether these attacks originate from us. Our source IP address is 91.99.251.12.
• In order to use our time frame as efficiently as possible, we recommend a regular
  informal exchanges during testing and a spirit of partnership
  (such as providing test users and access, or - at our explicit request - the deactivation of certain security measures).
• We will report serious vulnerabilities to you verbally as soon as possible and during the testing period.
• We ask you not to fix vulnerabilities during the testing period without consulting us. This makes testing more difficult and reduces the efficiency and quality of our testing.
• If you have purchased directly from us, we will retest fixed vulnerabilities once within eight weeks free of charge. This way you can later be sure that the fixes are effective.
• Any internal information provided to us and our findings from the tests are
  confidential and will of course not be passed on to third parties.