Independently Verified Product Security

Tested by SySS: Password Depot 19

Password Depot 19 has been tested by SySS GmbH as part of an independent penetration test. In their certificate, SySS confirms that no critical vulnerabilities were identified within the agreed test period and at the defined depth of testing.

Download Certificate Go to Password Depot
Independent Assessment 12/2025 Retest Recommended
Key Finding

The Key Finding

SySS confirms for Password Depot 19.0.0 that the test subject withstood the simulated attacks within the stated period and at the defined depth of testing. According to the certificate, no critical vulnerabilities were identified.

Assessor SySS GmbH
Test Subject Password Depot 19
Test Period 01.–23.12.2025
Recommendation Retest After Changes

Independent Assessment

The security assessment was conducted externally by a company specialising in penetration testing.

Realistic Attack Scenarios

Typical attack vectors relevant from the perspective of potential attackers were tested.

Security as a Process

A penetration test is a point-in-time technical assessment. That is why we rely on continuous improvement rather than one-off statements.

Test Scope

Scope of the Penetration Test

According to the certificate, the following attack scenarios were simulated, among others:

  • Cryptographic attacks
  • Rogue client attacks
  • Rogue server attacks
  • Machine-in-the-middle attacks
  • Input validation attacks

The detailed report additionally explains that the focus of the test was on Password Depot for Windows and Password Depot Enterprise Server with REST API. Android, iOS, macOS and a web client were considered at a basic level.

Test Progression

Project period: 01.12.2025 to 23.12.2025

Test depth: 10 person-days

Conducted by: Two IT security consultants from SySS

SySS recommendation: Retest after every significant change or at least annually.

Transparency

What We Deliberately Do Not Disclose Publicly

A detailed pentest report contains individual technical findings, attack paths and security-sensitive information. Such content does not belong on a public website.

This page therefore focuses on the confirmed assessment framework, the overall conclusion and the independent execution.

Important for Context

A penetration test is always an assessment within a defined scope, time frame and test budget. It does not replace ongoing security work, but it is an important external proof of the technical review of a product.

Proof for Customers and Partners

For tenders, security assessments and procurement processes, we provide the official SySS certificate as proof of external testing.

Download PDF Contact Us
Certificate available as PDF – suitable for procurement documents, audits and security assessments.