Services

Our goal is supporting your business. We stand for custom solutions for non-standard problems. Our extensive experience and knowledge in the area of IT security enables us to quickly understand problems - our creative way of thinking enables us to come up with tailor-made solutions. Please understand that we generally don’t list reference customers or projects. Our customers’ privacy is one of our most important goals.

Taking your Concerns Seriously

Who doesn’t know this? You have a bad gut feeling about something but you cannot really get your hands on it. There is this one threat you are worried about and you would like to properly address it? We can support you. Together we can identify the actual IT weaknesses that should be taken care of.

Or do you know that there is a certain abstract risk emerging from a system, a software or a technology but you would like a professional opinion on it? Would you like to know what a risk or threat actually means for you? These questions can be answered by us. Our goal is to support you with a realistic point of view instead of selling you obscure products or services that you neither understand nor actually need.

Designing Secure Systems

If we only had thought about this earlier. Well, nobody can turn the time back. But we can learn from mistakes and improve our processes. Including security aspects during the design phase of a solution can save you from later trouble in a very cost-effective way. We support you in building secure, resilient system designs that provide solid protection mechanisms against current and future threats.

Identification and Rating of IT Security Risks

Identifying potential problems in an existing design before they arise is always better than fixing them later. By building a threat model, we analyze your solution in order to identify weaknesses and possible mitigations. Based on the outcome of such an analysis, further steps can be performed if you deem them necessary.

Verification / Identification of Vulnerabilities

You have implemented a system but you are not sure that it fulfills your security requirements? Maybe you bought a solution that you would like to integrate and you are worried about its security guarantees? This can be independently verified by our consultants. Reviewing software in source and binary code is our daily business, as well as configuration and hardening analysis. This can be performed in a black- or white-box review, as an external penetration test, as a reverse-engineering engagement or as a source code review - whatever fits your needs.

Effective Countermeasures

Merely identifying vulnerabilities is only one side of the medal. We also provide realistic proposals for implementing effective countermeasures. Although some problems can be solved in a generic fashion, many cannot. We aim to actually understand your solution and to provide recommendations that fit your needs.

Trainings

We provide IT security trainings, tailor-made for our customers. Our experience shows a disparity between standard trainings following a static agenda and the knowledge actually needed by our clients. Therefore, our trainings are specially designed to fit your needs and to include the topics that you require for your business - in a technical depth that is suited for the respective audience.

The trainings vary from source code audits, binary-analysis to hardware audits. To provide the best knowledge to our clients we perform such trainings in combination with our partners and freelancers.

Project Setup

Setting up and managing projects in complex IT-Solutions is a difficult and time-consuming task. You can profit from our experience in setting up IT security projects (such as penetration tests, source code reviews, etc.), in managing the project communication, tracking test requirements and handling upcoming issues. Our project setup service aims at getting your product or solution ready for IT security assessments in order to provide a smooth and professional course of engagement. This also includes the development of a security test plan.