Ethical Hacking / Pentesting / Red Teaming

Is your Cybersecurity concept working?
May be only 30 seconds.

“You can prevent your opponent from defeating you through defense, but you cannot defeat him without taking the offensive.”

Sun Tzu

Our team knows key penetration testing standards because it’s members were part of their design. We diligently follow our standards which ensures repeatability and transparency in technical security assessments. Combined with creativity and an average of over 10 years of experience as ethical hackers with numerous certificates, we make sure your organization and systems are thorougly tested to enhance your security posture.

How we identify the strengths and weaknesses of your IT / OT

  • Incident Response
  • Red Teaming
  • Blackbox, Greybox, Whitebox Security Audits and Pentests
    OSSTMM, OWASP, BSI, PCI-DSS, NIST 800-115, ISO/IEC 27002, 27008:2019
  • Web Application Tests
    OWASP
  • IS-Webchecks
    BSI
  • ICS / SCADA Testing
    TeleTrust IEC 62443-4-2
  • Configurationaudit
  • Vulnerability Assessments

Das prüfen wir

  • Office IT
    Drucker Fax, Telefon (VoIP, PBX, Hard- & Soft)
  • Web / Client Applikationen
  • Netzwerke
    (FW, IPS/IDS, Router, Switch, WLAN, Bluetooth, VPN)
  • Server
    (Win, Linux, AIX, Unix, Mac OS X)
  • Virtualisierung, Active Directory, NAS
  • OT, ICS, SCADA, PLT, PLC, SPS, DPC, RTU, Smart Meters
  • Ethernet basierte Industrieprotokolle
    TCP/IP, Modbus TCP/IP, LON, LONTalk, BACnet, PROFIBUS, PROFINET, Modbus/ASCII, RTU, TCP; CAN, EtherCAT, CIP, Ethernet Powerlink, S-BUS, Ether-S-Bus, #Ether-S-I/o, KNX(EIB), KNXnet/Ip (EIBnet/IP), HART, HART-IP, OMRON-FINS

We want to test our Cybersecurity

Contact us.

 

Industry expertise

  • Public Sector
  • Defense
  • Critical Infrastructure
  • Automotive
  • Airlines
  • Financial Services
  • Telecommunication, Media, Technology (TMT)
  • Healthcare
  • Retail/ eCommerce

Client projects

Red Teaming – Critical Infrastructure – Transport

The objective of the black box Red Teaming was to disrupt the operation of three container terminal over the course of several months through on-site and remote activities.

 

IS Audit of Software Application – Homeland Security Agency

The team had to test a software application for a government process in production of a classified system.

 

Data Center Penetration Test – Defense

Annual penetration tests of data center using active and passive scans.

 

Incident Response / OSSTMM-Audit – Healthcare

Incident response after malicious code attack of the network attached storage (NAS). After forensic investigation and correction, a root cause analysis was performed using different protocols and monitoring logs.

 

WLAN Audit – Gambing

The objective of the wirless local area network (WLAN) audit was to identify any unauthorized access points and generally map and secure the authorized WLAN infrastructure.