Pentest result: netfiles again successfully tested for security
netfiles has once again successfully undergone a penetration test. The renowned security experts at SySS GmbH tested the netfiles data rooms for vulnerabilities between March 24 and April 2, 2025, and found no security flaws.
This continues the trend of recent years, during which the security of netfiles has been consistently and independently confirmed. The result complements our certifications according to ISO/IEC 27001:2013 and ISO 22301:2019, as well as our SOC 2 and BSI C5 attestations.
Security considered right from the start
Since our founding, we at netfiles have placed a special emphasis on security and efficiency in data exchange. The highest standards in data security are a key reason why customers trust netfiles data rooms and we are constantly working to improve our products. Regular pentests are an important part of our commitment to protecting customer data in the best possible way – and staying one step ahead of potential security threats.
The successful audit by external security experts also confirms our development philosophy: netfiles focuses on Security by Design and Privacy by Design. This means that protection mechanisms and data protection requirements are not added retrospectively but are embedded into the architecture of our data rooms from the very beginning. Functions such as the standard encryption of data in transit and at rest (using AES-256), granular access controls, comprehensive activity logging, and privacy-friendly default settings are an integral part of our product – , but built-in features right from the start. In this way, we ensure that data security and privacy are deeply rooted in our system.
What is a pentest?
A pentest – short for penetration test – assesses the security of software by simulating real-world attacks. The test scenarios reflect actual threats posed by hackers and other cybercriminals, allowing for a highly realistic evaluation of implemented security measures.
We subject our data rooms to comprehensive security testing on an annual basis to gain a consistent and up-to-date view of our protective measures. This enables us to identify and address potential vulnerabilities early – before they pose any risk to our users.
Further information
In addition to pentests, netfiles is regularly audited for compliance with regulatory requirements and international standards. The latest results and certifications can be found on our overview page. Upon request, we are also happy to provide you with our detailed netfiles security concept as a PDF document.