We are the number one pen test agency in the Netherlands and usually have capacity quickly

The nitpicker's pen test: be just as creative as a criminal

Stop generic pen tests.
Start specific pen tests.

With our smart, strategic and specific pen test, we test more than just technology. Much more. You get the exact target points mapped out for cyber criminals, specific to your business, industry and customer base. With our customised reporting, you can protect yourself with specific accuracy. The result: no unnecessary costs, no unforeseen risks.

SECWATCH is the number one pen test agency in the Netherlands: we do nothing else, all year long.

Don't delay! We have capacity for ten pen tests a month.

Book a pentest right away

We already carried out over 1,500 specialist pen tests

For over 15 years, we’ve been performing specialist security assessments on networks and software. More than 100 per year. We work for hundreds of companies in every industry, from government to commercial businesses.

We offer understanding guarantee, which means that our pen testers continue until every IT/security officer knows 100% what we have flagged and which steps he or she has to take to resolve it.

Don't wait any longer. Thanks to our specific working method, we have capacity for up to 10 pen tests.

Apply now

Health care institution

Appointment records of other patients were accessible - undetected by three previous pen tests

During the pen test for a healthcare organisation, we found a critical vulnerability with huge impact: unauthorised users could view patients’ appointment records. A nightmare for any healthcare organisation.

The developer at the client commented that this was impossible: ‘That doesn’t seem right. Did you get that right?’ We were 95% convinced that this was a high-impact issue. By acting like cyber criminals, we managed to reproduce the problem. The developer was grateful that we were so persistent. The institution took immediate action and fixed the problem.

"Ze pushen niet, maar geven wel precies het vertrouwen dat je nodig hebt. Dit zijn de mogelijkheden. Wil je je security écht goed aanpakken, in jouw situatie, dan is dit wat je zou moeten doen."

IT manager van distributiecentrum

"Secwatch is down to earth en pragmatisch. Ze lossen het gewoon op."

Anoniem, directeur van een cloud documentsysteem met een paar 100.000 personeelsdossiers

"Onze mensen hebben rechtstreeks contact met de mensen die de pentest uitvoeren."

Anoniem, directeur van een cloud documentsysteem met een paar 100.000 personeelsdossiers

The Nitpicker's Pen test

One test. Tons of ways that will help you better protect your organisation. A preview of the results of our pen test:

Are you a CISO or IT manager who already has a lot of good stuff in place in terms of internal security? Then it is even more important to see how ethical hackers can still find holes/vulnerabilities in your online security by manually, investigatively and by thinking like a real hacker.

What your real vulnerability is (and how to protect against it) will only be revealed by thinking specifically like a hacker.

Since we deliver meticulously customised products, you never buy too much or too little, but always just right. So no unnecessary costs, because we don’t sell you anything you don’t need.

Our ‘data detectives’ don’t just ignore vulnerabilities because a scanner labelled them ‘low risk’. We know that the impact of a low-risk vulnerability can be very high: this way of working is essential for detecting costly threats and data breaches.

Through our thorough preparation phase with both passive and active enumeration, our ethical hackers detect deep, specific vulnerabilities that can significantly damage your organisation’s cyber security.

Our pen testers reproduce vulnerabilities and findings. This allows us to guarantee with 100% certainty whether or not issues pose a threat to your organisation.

Our testers regularly uncover vulnerabilities that were NOT spotted in previous pen tests but have a huge impact on companies’ internal cyber security.

What you should never do when a finding ‘CAN’T be right’ according to teammates is to assume that it is indeed wrong. If it CAN be true, you must rule out IF it is true. That is what our specialists do.

When you hire our specialist pen testers, you have consultants who never have to divide their attention between multiple disciplines. They use yesterday’s experience and knowledge directly in the tests they do today

Did you know that we collaborate at the highest level with the Dutch government and cyber security specialists? So, we always have first-hand use cases, knowledge and test results.

Why our specialist pen testers are a breath of fresh air for your developers? Because they can improve the quality of their software.

Because our pen testers think like real hackers, they find attack methods that cyber criminals can also use and uncover information that generic scanners fail to notice.

Our testers spend 20% of their working time on study and expertise to keep their specialist know-how up to date.

What you should never do if you want to identify the less obvious and costly risks for your particular business? Forget to include the ‘dumb devices’ that can be used by hackers as stepping stones in pen tests. Consider it done.

The quickest and safest way to upgrade your security is to put your team members and our experts together in a secure chat group.

100% of our ethical hackers are at least CEH-certified. Indeed: at least. Because then we haven’t even mentioned ECSA/LPT, OSCP, GWAPT, GXPN, GAWN and OSWE.

Note that if you have a complex technological setup, the strength of your security depends on the scope. This is why our specialists look at all the loopholes and there are never things ‘out of scope’ that a cyber criminal would also not put out of scope.

Are you human? 🙂 Then you also want to work with a human party. We think with you, communicate directly and openly, and do not make things difficult.

No loose ends in your security policy. Our specialists immerse themselves in your business objectives. As a result, we know exactly what needs to be done in what order to achieve your security goals.

We offer understanding guarantee, which means that our pen testers continue until every IT/security officer knows 100% what we have flagged and which steps they must take to resolve it.

Ready for the Nitpicker's Pen test?

Why wait? In four to six weeks, you can have a specific security report in your hands, with specific security measures for your specific business and industry.


  1. Scope

    After your request, we schedule a Clarity Call to get scope and requirements clear. What are we going to test? What are the dependencies? When can we start?

  2. Prep

    We provide the clearance, agree schedule and turnaround time and record the debrief. From then on, we keep in close contact about the progress.

  3. Pen test

    Our specialists get to work and look like a hacker at your tech, systems, software and anything else we think a cyber criminal might find interesting.

  4. Research

    Everything we find, we analyse and classify. We put all data against the bar of your specific challenges and assets. This is the data detective work.

  5. Debrief

    You will receive a clear report with a hyper-relevant overview. Our understanding guarantee comes into effect: our specialists create clarity down to the last letter.

Phone number copied to clipboard