Ethical Hacking / Pentesting / Red Teaming
Is your Cybersecurity concept working?
May be only 30 seconds.
“You can prevent your opponent from defeating you through defense, but you cannot defeat him without taking the offensive.”
Our team knows key penetration testing standards because it’s members were part of their design. We diligently follow our standards which ensures repeatability and transparency in technical security assessments. Combined with creativity and an average of over 10 years of experience as ethical hackers with numerous certificates, we make sure your organization and systems are thorougly tested to enhance your security posture.
How we identify the strengths and weaknesses of your IT / OT
- Incident Response
- Red Teaming
- Blackbox, Greybox, Whitebox Security Audits and Pentests
OSSTMM, OWASP, BSI, PCI-DSS, NIST 800-115, ISO/IEC 27002, 27008:2019
- Web Application Tests
- ICS / SCADA Testing
TeleTrust IEC 62443-4-2
- Vulnerability Assessments
Das prüfen wir
- Office IT
Drucker Fax, Telefon (VoIP, PBX, Hard- & Soft)
- Web / Client Applikationen
(FW, IPS/IDS, Router, Switch, WLAN, Bluetooth, VPN)
(Win, Linux, AIX, Unix, Mac OS X)
- Virtualisierung, Active Directory, NAS
- OT, ICS, SCADA, PLT, PLC, SPS, DPC, RTU, Smart Meters
- Ethernet basierte Industrieprotokolle
TCP/IP, Modbus TCP/IP, LON, LONTalk, BACnet, PROFIBUS, PROFINET, Modbus/ASCII, RTU, TCP; CAN, EtherCAT, CIP, Ethernet Powerlink, S-BUS, Ether-S-Bus, #Ether-S-I/o, KNX(EIB), KNXnet/Ip (EIBnet/IP), HART, HART-IP, OMRON-FINS
- Public Sector
- Critical Infrastructure
- Financial Services
- Telecommunication, Media, Technology (TMT)
- Retail/ eCommerce
Red Teaming – Critical Infrastructure – Transport
The objective of the black box Red Teaming was to disrupt the operation of three container terminal over the course of several months through on-site and remote activities.
IS Audit of Software Application – Homeland Security Agency
The team had to test a software application for a government process in production of a classified system.
Data Center Penetration Test – Defense
Annual penetration tests of data center using active and passive scans.
Incident Response / OSSTMM-Audit – Healthcare
Incident response after malicious code attack of the network attached storage (NAS). After forensic investigation and correction, a root cause analysis was performed using different protocols and monitoring logs.
WLAN Audit – Gambing
The objective of the wirless local area network (WLAN) audit was to identify any unauthorized access points and generally map and secure the authorized WLAN infrastructure.