The very best IT security consulting

Your IT systems are not only a precious asset for your company – they also attract the interest of cyber attackers. We offer you cybersecurity consulting to enable appropriate prevention, detection and response. Our Cybersecurity Consultants support you and your company with various service offerings that can be procured individually. The services can increase the level of security in your IT landscape, especially when used in combination.

Contact us now

Overview of our solutions

Preventive solutions for emergencies

As the IT infrastructure of every modern enterprise steadily grows, so too does the attack surface offered by the information systems it uses. So what do you do when an emergency occurs?

We prepare you for that with Security Incident Response Preparation. Our Cybersecurity Consultants have years of experience and work together with you to analyse existing processes and your infrastructure and develop a response, process and training plan to avert damage. That includes implementing a security incident response process, which is tailored individually to your company in a workshop and documented.

The process involves initial response, support and in-depth analysis of incidents. So that the process can be tested and a routine for responding to emergencies at the company can be developed, training courses can be created and held. The findings from various trial runs and incidents that have occurred are then incorporated in the existing response framework as part of a lessons learned process. The objective of our service is to minimise the repercussions and damage from a security incident and to strengthen your competence and response to such scenarios.

Your advantages:

  • Minimisation of damage in an emergency
  • Optimisation of existing security structures at the company
  • Development of sustainable methodologies to combat attacks, for example from ransomware (encryption Trojans)
  • Establishment of a routine and training
  • Faster response to cases of damage at your own company

Rapid support in an emergency

A security incident usually comes out of the blue and with no prior warning. A rapid response by your company is often crucial to how the incident pans out.

We help you tackle a security incident and avert further damage from your enterprise. Our Cybersecurity Consultants, backed by their many years of experience in handling security incidents, provide you with competent and customised support in an emergency.

The scope of services ranges from consulting for your head of security, support for your security team or administrators, to complete management of the security incident, where we are on hand to help you for as long as the incident lasts.

The focus here is on a rapid first response, precise analysis and lasting mitigation of entry points and vulnerabilities so as to avert further damage, as well as internal communication with your employees and tracking of all necessary information and tasks.

It goes without saying that you receive a detailed report once every incident is over. It contains all the information you need, such as a chronology, the suspected cause and steps to lastingly improve the security of your IT systems.

Your advantages:

  • Mitigation/averting of damage to your company
  • Professional incident response by security experts who have many years of professional experience
  • Analysis of the security incident
  • Summary in customised reports
  • Advising of your security team

Identification of weak points

It is highly likely that your company uses different operating systems and software applications in its system environment. They often harbour weaknesses that attackers exploit.

We test your system for known vulnerabilities and provide you with an overview of possible targets of attack we identify in that – such as by controlling systems or accessing sensitive information. The elimination of vulnerabilities is the practical foundation of any IT security architecture. We show you how appropriate processes to enable detection and pinpointed plugging of critical security gaps can be mapped at your enterprise. We use established standards in that, such as CVE (Common Vulnerabilities and Exposures), the CVSS (Common Vulnerability Scoring System) and best practices of institutions like the German Federal Office for Security in Information Technology (BSI) and the National Institute of Standards and Technology (NIST).

One of the key factors in managing vulnerabilities is to tackle them in accordance with a defined and controlled priority so that the vulnerabilities that pose the greatest risk are eliminated first. We identify relevant priorities together with you and train you and your employees in how to assess and classify vulnerabilities appropriately. We also familiarise you with the documentation of vulnerabilities and their status in order to ensure a clean process and subsequent review. We will also be pleased to support you during the ongoing process or with our Vulnerability Scanning service for detecting weaknesses.

If security gaps are identified, our experienced Cybersecurity Consultants offer recommendations on appropriate preventive measures or complete management of these weaknesses.

Your advantages:

  • Rollout of vulnerability management measures
  • Tracking of the status of how security gaps are being dealt with
  • Documentation of all steps, from detection to resolution
  • Classification and assessment of vulnerabilities
  • Optimum use of best practices and our many years of experience in the field of vulnerability management

Continuous improvement in information security

Security Assessments enhance the measurability of IT security and help bring about a lasting and continuous improvement in information security at your company.

Our Security Assessment offers you a means of examining the maturity of your information and IT security. It is used as the basis for preparing an extensive report, which also provides recommendation on how you can increase information security.

Our service is geared to existing standards, such as IT Baseline Protection or ISO 27001. We always design a Security Assessment to reflect your individual requirements.

Your advantages:

  • Identification of the general level of security
  • Proactive examination of IT security
  • Information security is made measurable
  • Preparation for the development of a security strategy and an information security management system (ISMS)
  • Tailored reporting for your ISMS

Simulation of cyberattacks

We examine your networks, IT systems and applications for vulnerabilities and propose measures to remedy them.

Penetration testing is a proactive means of thwarting potential attackers and simulates an actual attack on your infrastructure. Our service may take the form of a black box penetration test (where no log-in data or system information is disclosed) or a white box penetration test (where system information and log-in data are disclosed). Hybrid forms are also possible.

Our Cybersecurity Consultants conduct the tests in compliance with the state of the art, such as in accordance with the OWASP Standard and recommendations from the German Federal Office for Security in Information Technology (BSI), and log test steps in final reports, which can be furnished as documentary proof to third parties. There is first a scoping call where the systems to be tested, the type of penetration test and the other general conditions to be heeded are defined. That is followed by a test phase in which the technical examinations are carried out. The results are presented in a final meeting and you receive a customised report.

Your advantages:

  • Recording of the status quo
  • Proactive examination of IT security
  • Measurability of information security is enabled
  • Tailored reporting for your ISMS
  • Preparation for development of a security strategy

Compromise analysis

We analyse your technical infrastructure for potential compromises. That enables us to ascertain the status of IT security and the risk to your company.

Our initial digital analysis helps reveal any compromises of security. We gear our activities towards the guidelines from the German Federal Office for Security in Information Technology (BSI) and standard approaches of the SANS Institute.

We always design a Compromise Assessment to reflect the size of the IT network, common standards and your individual stipulations and wishes. Our Cybersecurity Consultants examine selected parts of the IT infrastructure for indicators of compromise and document their findings in relevant reports. The results are presented to you and possible measures specified. The reporting can be tailored to suit your wishes.

The Compromise Assessment supports the incident response process and thus allows IT security incidents to be cleared up quickly. A picture of the current situation is created and the extent of the possible incident is recorded as part of our service. They can be used as the basis for taking further measures to contain the incident; the appropriate activities for that are then provided as part of our Security Incident Response service.

Your advantages:

  • Post mortem on a possible security incident
  • Interface to the incident response process
  • Identification of vulnerabilities in the infrastructure
  • Risk analysis of the technical status of your IT