Win a Professional Penetration Test
– Valued at over 3.000 EUR
3 Winners
Congratulations to the winners! We will be in touch shortly.
All tickets that do not contain a company email address and/or do not have the pentest consent box checked will be excluded from the raffle.
1. Overview & Prize Description
Sponsor: B2CyberSec GmbH, Werner-von-Siemens-Str. 6, 86159 Augsburg, Germany, VAT: DE323792746
What is awarded: Remote-only penetration test / vulnerability assessment services for up to 3 business days, valued at over 3.000 EUR (net).
Prize count / schedule: One winner per day (3 total), drawn on-site at it-sa 2025.
Time to redeem: The winner must schedule and complete the engagement within 90 days (or alternate timeframe) from the drawing date.
Non-transferable: The prize cannot be exchanged for cash, transferred, or assigned.
2. Eligibility & Entry Conditions
Only one entry per person / company is allowed.
Entrants must be legal entities (companies or organizations) located in the EU / EEA.
The entrant must have legal authority or approval from their company to arrange a penetration test.
The target(s) to be tested must be owned or fully controlled by the entering company (no third-party systems).
Entry must be made during the conference period (exact dates and times apply).
B2CyberSec employees, agents, affiliates, and their immediate families are excluded.
The promoter reserves the right to disqualify entries that are false, fraudulent, incomplete, or violate these rules.
3. Entry Process & Winner Selection
Entry is via completing and submitting the form in the box at the booth.
No purchase, payment, or obligation is required aside from filling out the form.
Winners are selected by random drawing from all valid entries.
Odds of winning depend on the number of valid entries received.
Winners will be announced daily (time & place). If a winner cannot be reached or declines, a redraw occurs.
Winners will be contacted via email / phone and must confirm acceptance in writing within 3 business days; otherwise, the prize is forfeited.
4. Engagement / Work Conditions
The test is strictly remote; no on-site physical access.
Scope must be agreed in advance by both parties in writing (Statement of Work).
B2CyberSec may refuse engagement if scope is outside its capabilities or if legal/contractual issues arise.
The test must be scheduled so that no disruption to business-critical operations occurs (coordinated with client).
The client must provide all necessary access, authorizations, credentials, and documentation.
The client must back up all systems, notify stakeholders, and ensure the ability to restore systems.
If significant scope changes are required during testing, B2CyberSec retains the right to renegotiate or adjust.
Deliverables: Kick-off call, rules of engagement (ROE), interim coordination, final PDF report with findings, risk ratings, and remediation recommendations.
5. Liability, Disclaimers & Indemnification
The client accepts that testing may cause unintended disruptions, service interruptions, or data corruption, and agrees to assume these risks.
B2CyberSec’s liability is limited to direct damages up to the prize value; indirect or consequential losses (profits, goodwill, etc.) are excluded.
The client must indemnify B2CyberSec against any third-party claims arising from the client’s lack of proper authorization.
B2CyberSec does not warrant that the test will find all vulnerabilities or prevent future breaches.
Nothing in these terms excludes liability for fraud, gross negligence, or injury where liability cannot legally be limited.
6. Confidentiality & Data Protection
The results, reports, and all vulnerability data are confidential.
B2CyberSec will not disclose findings without express consent (except as required by law).
The client must ensure compliance with GDPR / local data protection laws.
B2CyberSec will apply technical and organizational safeguards to protect data.
Subcontractors, if used, must comply with confidentiality and data protection obligations.
The client must not transfer sensitive personal data outside the EEA without legal safeguards.
7. Force Majeure & Termination
Either party may terminate if the other commits a material breach and fails to remedy it within a defined period.
In case of force majeure (e.g. disasters, outages, government action), obligations may be suspended.
If the client fails to coordinate or respond within a defined timeframe, the prize is forfeited.
8. Miscellaneous Provisions
The prize drawing, acceptance, and engagement are governed by German law.
Jurisdiction: Courts of Augsburg, Germany.
These Terms & Conditions form the entire agreement; modifications must be in writing and signed.
If any provision is invalid, the remaining provisions continue to apply.
B2CyberSec may use the winner’s company name and city for promotional purposes (with consent), but will not publish sensitive data.
Sponsor contact:
B2CyberSec GmbH
Werner-von-Siemens-Str. 6
86159 Augsburg, Germany
info@b2cybersec.com
9. Legal Compliance & Safeguards
Participation is free of charge and without obligation.
The prize is valued at over 3.000 EUR (net). Taxes or VAT, if applicable, are the responsibility of the winner’s company.
Winners may be asked to verify their identity and company role before receiving the prize.
Personal data will be used solely for the raffle and deleted within 3 months after the giveaway, unless required by law.
The organizer reserves the right to cancel or modify the giveaway in case of unforeseen circumstances.
Certain high-risk activities (e.g. denial-of-service, social engineering, physical intrusion) are excluded from the penetration test scope.
From Advisory to Execution - your complete security partner.
IT Consulting - Penetration Testing - CyberShield360° (SOC+MSS)
Book a free consultation with our experts and discover where your IT & security stand today.
