Ethical Hacking / Pentesting / Red Teaming

Is your Cybersecurity concept working?
May be only 30 seconds

“You can prevent your opponent from defeating you through defense, but you cannot defeat him without taking the offensive.”

Sun Tzu

Our team knows key penetration testing standards because it’s members were part of their design. We diligently follow our standards which ensures repeatability and transparency in technical security assessments. Combined with creativity and an average of over 10 years of experience as ethical hackers with numerous certificates, we make sure your organization and systems are thorougly tested to enhance your security posture.

How we identify the strengths and weaknesses of your IT / OT

  • Incident Response
  • Red Teaming
  • Blackbox, Greybox, Whitebox Security Audits and Pentests
    OSSTMM, OWASP, BSI, PCI-DSS, NIST 800-115, ISO/IEC 27002, 27008:2019
  • Web Application Tests
    OWASP
  • IS-Webchecks
    BSI
  • ICS / SCADA Testing
    TeleTrust IEC 62443-4-2
  • Configurationaudit
  • Vulnerability Assessments

This is what we test

  • Office IT
    Printer Fax, Phone (VoIP, PBX, Hard- & Soft)
  • Web / Client applications
  • Networks
    (FW, IPS/IDS, Router, Switch, WLAN, Bluetooth, VPN)
  • Server
    (Win, Linux, AIX, Unix, Mac OS X)
  • Virtualization, Active Directory, NAS
  • OT, ICS, SCADA, PLT, PLC, SPS, DPC, RTU, Smart Meters
  • Ethernet based industry protocols
    TCP/IP, Modbus TCP/IP, LON, LONTalk, BACnet, PROFIBUS, PROFINET, Modbus/ASCII, RTU, TCP; CAN, EtherCAT, CIP, Ethernet Powerlink, S-BUS, Ether-S-Bus, #Ether-S-I/o, KNX(EIB), KNXnet/Ip (EIBnet/IP), HART, HART-IP, OMRON-FINS

You want us to test your Cybersecurity

Contact us

 

Industry expertise

  • Public Sector
  • Defense
  • Critical Infrastructure
  • Automotive
  • Airlines
  • Financial Services
  • Telecommunication, Media, Technology (TMT)
  • Healthcare
  • Retail/ eCommerce

Client projects

 

Red Teaming – Critical Infrastructure – Transport

The objective of the black box Red Teaming was to disrupt the operation of three container terminal over the course of several months through on-site and remote activities.

 

IS Audit of Software Application – Homeland Security Agency

The team had to test a software application for a government process in production of a classified system.

 

Data Center Penetration Test – Defense

Annual penetration tests of data center using active and passive scans.

 

Incident Response / OSSTMM-Audit – Healthcare

Incident response after malicious code attack of the network attached storage (NAS). After forensic investigation and correction, a root cause analysis was performed using different protocols and monitoring logs.

 

WLAN Audit – Gambing

The objective of the wireless local area network (WLAN) audit was to identify any unauthorized access points and generally map and secure the authorized WLAN infrastructure.