Security

IT security and penetration testing – protect your business from day one

Nettkonsult delivers holistic IT security: penetration testing, risk analysis, DevSecOps and GDPR advisory for Norwegian businesses. Following OWASP, NIST and ISO 27001.

About this service

Digital security is the foundation of modern products. We help companies building their own solutions – or securing existing systems – with concrete measures, not just theoretical reports.

We follow recognised frameworks such as OWASP, NIST and ISO 27001, and help Norwegian businesses meet NIS2 and GDPR requirements. Whether you are at an early stage or scaling an existing product, we provide concrete, prioritised actions.

What you get

  1. Concrete findings: Clear reports with a prioritised action list.

  2. Business understanding: Security assessed against actual risk and value.

  3. Before and after launch: Testing at MVP, scaling and major changes.

  4. Developer-friendly: Advice the team can implement directly in code and process.

  5. Investor-ready documentation: Confidence for customers, partners and due diligence.

  6. Ongoing programme: One-off testing or continuous security follow-up.

Workflow

How we work

Concrete steps we follow to ensure quality, pace and clear communication throughout the project.

  1. Valuation of systems, data and exposure

  2. Risk analysis and threat modelling

  3. Penetration testing of web, mobile and API

  4. Secure development and DevSecOps advisory

  5. GDPR, ISO 27001 and compliance support

  6. Prioritised action plans and follow-up

What we deliver

  1. Penetration testing: Manual and automated testing of web and API.

  2. Mobile app security: Testing iOS and Android for leaks and weaknesses.

  3. Risk analysis: Threat model with likelihood and impact.

  4. DevSecOps advisory: Security embedded in the development and deployment process.

  5. Compliance support: Gap analysis and guidance for GDPR and standards.

Typical situations

When is it a fit?

  1. Pre-launch: The product is going live and must withstand external scrutiny.

  2. Missing internal expertise: The team ships fast but needs security sparring.

  3. After an incident or audit: You must document improvement and compliance.

  4. Investor or enterprise customer: External security documentation requirements are increasing.

FAQ

Frequently asked questions

What is penetration testing?

Penetration testing is a controlled simulation of a hacker attack on a system, website or API to find vulnerabilities before real attackers do. We perform manual and automated testing following OWASP methodology.

How much does a security test for a website cost?

A simple web test often starts from around NOK 20,000, while complex systems with API layers and authentication can cost NOK 50,000–150,000. Contact us for a no-obligation estimate.

What is the NIS2 directive and does it apply in Norway?

NIS2 is the EU's revised cybersecurity directive adopted in 2024 and incorporated into Norwegian law via the EEA agreement. It sets stricter requirements for risk management, incident reporting and supplier security in critical sectors.

What is the difference between GDPR compliance and ISO 27001?

GDPR is a legal requirement for personal data processing in the EU/EEA. ISO 27001 is a voluntary international standard for information security management systems. Many organisations use ISO 27001 as a framework to meet GDPR requirements.

Next step

Ready for a no-obligation chat?

We map your needs and propose a solution tailored to your budget and timeline – with no obligation.

Ready to get started?

Contact us for a no-obligation conversation about your project.