We help enterprises plan secure IT infrastructures, assess IT services, mitigate risks and run compliant operations.
We strive to provide holistic security strategy and a solid framework, educate development and guide operations. Together with our customers, we work to automate validation and monitor for deviations, communicate risks and provide prudent mitigations.
IT Security Consulting Services
We conduct black box, grey box and white box penetration tests and structured assessments for infrastructures and applications. We offer end-to-end penetration services, including initial scoping, execution, status follow-up and re-test services.
We provide a holistic vulnerability management service, including customer-tailored vulnerability advisory services, infrastructure and application vulnerability scans, false-positive verification, adapted scoring of vulnerabilities, dispatching and vulnerability resolution support.
A solid security policy framework is the foundation for secure enterprise culture, secure operations, and processes. In agreement with our customers, we create and update hardening procedures, incorporate IT operations feedback and apply industry best practices.
The security state of large and complex IT infrastructures can be reasonably managed only through automation. We offer consulting services for automated technical security compliance verification, monitoring and remediation. Automation and rigorous monitoring is the key to achieving transparency and efficiency in the IT organizations and effectively supports meeting certification demands like ISO/SOC.
You develop software? Then, protect your crown jewels. Software build pipelines are the heart of software production and must meet the highest security standards to ensure the availability and foremost, the integrity of your delivered service or software. We perform security assessments and offer security architecture consulting to enable secure software delivery.
We support you in defending against cyber attacks. We provide consulting services in the field of SOC and SIEM. We help you derive and improve central concepts such as the Cyber Killchain or MITRE ATT&CK®. We work with customers to create and improve security monitoring use cases for SIEM platforms like Splunk, QRadar, etc.
SAP® Security Consulting Services
Our core expertise lies within the products and services provided by SAP. We help our customers run secure on-premise SAP NetWeaverTM, SAP S4HANA® deployments and assess SAP Cloud services like SAP® HANA Enterprise Cloud, SAP® SuccessFactors®, SAP® Ariba®, SAP® Concur® and SAP® Fieldglass®.
Knowledge Sharing / Security Blog
A roadmap to SAP NetWeaver Security helping you prioritise tasks and activities of your SAP Security Program
The five most important technical security measures you need to consider in order to protect you SAP NetWeaver systems from a security breach
Forward your SAP NetWeaver Audit Log to a Splunk Indexer without the need for any third party adapters, add-ons and tools
Software CI/CD Build Pipelines are by far the finest hacker targets - hackers need to compromise an environment that is anyways difficult to secure and the vendor will take care of the logistics and distribution of the hacker's malware