Services
Unser Angebot
SECURITY ASSESSMENT
Wir überprüfen Ihre digitale Umgebung auf Schwachstellen und helfen beim schließen von Sicherheitslücken
Awareness
Wir machen Sie und Ihre Mitarbeiter mit aktuellen Bedrohungen vertraut, schaffen Transparenz und erhöhen Ihre Resilienz
Trainings
In professionellen Workshops trainieren wir Ihre Fähigkeiten im Umgang mit Schwachstellen, Schadsoftware und Entwicklung
Security assessment
Wir überprüfen Ihre digitale Umgebung auf Schwachstellen und helfen beim schließen von Sicherheitslücken
Summary
We switch into the role of a professional attacker and take aim at your company or your digital assets. This allows us to uncover undiscovered or unknown vulnerabilities, and thus contribute to the security of your digital assets in the long term.
We work hand in hand with your IT and security department and present our findings in a so-called “de-briefing” and discuss measures to improve and eliminate vulnerabilities together with you.
We rely on the complete attack chain from Opensource Intelligence (OSINT) to the possible infiltration of your company. The “Mitre Attack Chain” provides a good orientation for the process.
We can also perform complete and professional penetration tests for web, mobile and backend systems.
Outcome
In addition to uncovering potential vulnerabilities on a technical level, you will also get an impression of what information is freely available on the web and how it can affect the security of your company or be used by attackers. We will also try to find a way into your infrastructure via your employees.
All measures and results will be made available in a final presentation with report. Through our transparent attack chains you are able to understand security gaps and immediately initiate countermeasures. We support you in the long-term optimization of your security and repeat our “Offensive Security Sessions” at regular intervals. This way your digital security will remain on a professional level in the future.
Awareness
Wir machen Sie und Ihre Mitarbeiter mit aktuellen Bedrohungen vertraut, schaffen Transparenz und erhöhen Ihre Resilienz
Summary
No matter how secure your infrastructure is, the human factor remains. “Hacking” is still Hollywood for most people. Also the handling of computers and smartphones, as well as the surfing behavior and the handling of information in social networks remains a high risk factor from the perspective of enterprise security.
In one of our impulse presentations “into the hackers mindset” we will take you and your team on an exciting journey into the underground of the digital world. In advance, we clarify with you who the target audience is and tailor our content accordingly for people without a technical background. You also determine the focus of the presentation. Here we can choose from a wide portfolio of content. Among others:
- What are hackers
- Cyberwar
- Opensource Intelligence
- Information
- Malware
- How to protected
- much more…
Our presentations are always an interplay of lecture and dialogue. We aim to answer as many questions as possible so that you get the most out of our speeches.
Outcome
Besides demystifying hackers, you understand how an attacker thinks and what information is of interest to him. If you understand your attacker, you can better protect yourself and your company. Likewise, all participants take away with them a basic understanding of the world of hacking and have usually eliminated many ambiguities.
Our content also always addresses current events and is backed up with many examples. You will leave our lecture with a healthy degree of paranoia and will definitely move more safely in the digital world.
Trainings
In professional workshops we train your skills in handling digital assets.
Summary
Theory is great, practice is better! Our customized trainings are aimed at both technically skilled people and people who want to become one.
Master security
for beginners
In this interactive workshop we cover the basics of “Master Security“. For two days we take our participants into the role of attackers and show how current techniques and methods work and are used. We also show current methods of information gathering and actively use them.
We adapt the contents specifically to your participants in a preliminary discussion. The workshop is roughly composed of the following contents:
- Perceptions
- Expectations
- Introduction to the infrastructure
- Information retrieval
- Web Hacking
- System Hacking
- Questions and answers
- Feedback
All documents will be made available to the participants in advance in PDF format.
Malware development
for everyone
How do you actually write malware? What is malware and what types of malware are there? Which programming language do I use? How do I actually get past antivirus software? All this and much more will be explained in this interactive workshop.
We adapt the contents specifically to your participants in a preliminary discussion. The workshop is roughly composed of the following contents:
- Information and insides about malware
- Systemdesign and requirements
- Build a command and control server
- Hide command and control server
- Program the malware
- Bring all together
- Questions and answers
- Feedback
Basic programming knowledge is mandatory. This is not a programming course. Basic programming knowledge is mandatory. This is not a programming course.
Capture the flag
for everyone
In our Capture the Flag format, we combine the approach of practice and gamification. Participants learn skills from interdisciplinary tasks in a playful way, also organized in teams. As a contact person, we accompany the participants to achieve the best possible training goal.
We adapt the contents specifically to your participants in a preliminary discussion. The capture the flag event is roughly composed of the following contents:
- Cryptography
- Reverse Engineering
- Web
- Programming
- Network
- System
Usually the event lasts 2 days. Upon request, the scope can be adjusted. All documents will be made available to the participants in advance in PDF format.
