Um dem Vertrauen unserer Kunden gerecht zu werden, veröffentlichen wir keine Kundennamen. Nachfolgend finden Sie einen Auszug an unterschiedlichen Projeken, die wir für unsere Kunden durchgeführt haben:

 

Grey-box security assessment of APEX-based web applications for risk management workflows and role management

Q2 2020

Black-box check of a hospital's external facing IT services

Q2 2020

Grey-box assessment of an aerospace positioning system

Q2 2020

External grey-box check of a financial treasury application

Q2 2020

Grey-box security assessment of the servers in the DMZ including a configuration analysis

Q2 2020

Examiniation of the network segmentation and search for weak points in a production plant

Q2 2020

Security assessment of a browser extension, which is used to interact with a cloud service

Q1 2020

White-box check of systems involved in an application used for handling medical data

Q1 2020

White-box web-security assessments of a web applications with login and provided source code

Q1 2020

External black-box perimeter test (infrastructure and web)

Q1 2020

Grey-box web-security assessment of a privacy management system and white-box of the backend systems, including the application's database server and a container environment

Q1 2020

Assessment in an industrial environment with the defined worst case of a factory shutdown

Q1 2020

Grey-box check of a web application used to administrate and view data of measurement devices

Q4 2019

Internal and external security assessment of a provider in the aerospace industry including a Wi-Fi assessment, web applications, Active Directory exploitation and network based attacks

Q4 2019

Risk analysis of a remote administration solution for distribute power plants

Q4 2019

Internal security assessment of a critical water supply infrastructure in Austria

Q4 2019

Internal security assessment of an industrial software supplier in Shanghai

Q4 2019

Red Team Assessment of a R&D department with the defined worst case of access to and manipulation of source code

Q4 2019

Security assessment of the network infrastructure and critical components of a public transport infrastructure

Q4 2019

Grey-box web-security assessment of a web plattform with a login portal and white-box check of a server configuration

Q4 2019

Security assessment of an IoT device to collect and transfer measurement data

Q3 2019

Security assessment of a VPN gateway and an internal application server

Q3 2019

Security assessment of core systems and websites of an internal infrastructure

Q3 2019

Security assessment of a large-scale wifi infrastructure

Q3 2019

Security assessment of the payment process including process and technical review

Q3 2019

Grey-box web-security assessment of an administration portal

Q3 2019

Red Team Assessment of a software supplier in Budapest with the defined worst case of source code modification prior release

Q3 2019

Grey-box web application assessment of a customer support platform

Q2 2019

Re-Check of an electronic data exchange platform for energy providers

Q2 2019

White-box infrastructure assessment of a Mexican marked place for financial institutions and corporations to access and transact with analyzed SMEs

Q2 2019

Social Engineering and physical security assessment for a financial institution

Q2 2019

Grey-box web application assessment of a platform for displaying medical figures

Q2 2019

Basic and advanced security training for security managers throughout the whole company

Q2 2019

Security assessment of the payment process including process and technical review

Q1 2019

Red Team Assessment in an industrial environment with the defined worst case of a factory shutdown in the Czech Republic

Q1 2019

Security assessment of a payment and treasury software in order to identify weaknesses in the web portal and the thick client

Q1 2019

Security assessment of the payment process including process and technical review

Q1 2019

Red Team Assessment in a corporate environment using spear phishing, rubber duckies, and lateral movement

Q1 2019

Check of bypassing McAfee whitelisting ruleset for SCADA systems

Q1 2019

Red Team Assessment of several locations of a critical infrastructure provider

Q1 2019

Red Team Assessment in an industrial environment with the defined worst case of a factory shutdown in India

Q1 2019

Social Engineering and physical assessment of a digital service provider

Q4 2018

Grey-box check of a risk assessment platform for critical infrastructure

Q4 2018

Security assessment of payment processes focusing on secure transmission and server configurations

Q4 2018

Penetration test of a cloud solution to digitise internal and external business processes

Q4 2018

Security assessment of an application white-listing concept within critical infrastructure

Q4 2018

Security assessment of charging infrastructure for electric vehicles

Q4 2018

Grey-box assessment of an open cloud platform providing access to valuable information of industrial devices

Q3 2018

Grey-box check of a platform for processing x-ray images

Q3 2018

Grey-box check of a crypto-currency trading platform

Q3 2018

External black-box penetration test of an ISP infrasturcture

Q3 2018

Internal and external security assessment of a real-estate service agency

Q3 2018

Security assessment of the payment process including process and technical review

Q3 2018

Grey-box check of an incident management solution for critical infrastructure

Q2 2018

Security assessment of the payment process including process and technical review

Q2 2018

Grey-box security assessment of a performance management and analysis platform

Q2 2018

Red Team Assessment on critical locations and networks of a public transport provider

Q2 2018

Security analysis of an ATM's internal communication protocol

Q2 2018

Grey-box check of an industry ordering platform

Q2 2018

Reverse engineering and analysis of a file encryption software

Q2 2018

Security assessment of the payment process including process and technical review

Q1 2018

Reverse engineering and communication analysis of client-side agents

Q1 2018

Reverse engineering of an industrial black-box to evaluate the security of the project for installation in existing networks

Q1 2018

Security assessment of a security operation center including IT systems, applications, network and WLAN

Q1 2018

Grey-box check of a single-sign-on solution for internal applications

Q1 2018

Red Team Assessment of various clinical locations to determine possible attack points on sensitive data via IT, social engineering or physical access

Q1 2018

Security assessment of the payment process in a manufacturing company including process and technical review

Q4 2017

White-box check of a customer service portal, including source code review

Q4 2017

External grey-box check of REST APIs used for data exchange in the public transportation sector

Q4 2017

WLAN and infrastructure security assessment, including 802.1x implementation

Q4 2017

Red Team Assessment of various clinical locations to determine possible attack points on sensitive data via IT, social engineering or physical access

Q4 2017

Security assessment of the payment process of company dealing with renewable energy including process and technical review

Q4 2017

Social engineering assessment and grey-box check of the web services of a cloud provider

Q4 2017

Grey-box check of a web-based management interface for public transportation

Q4 2017

Black-box check of the company's premises to determine vulnerabilities from the Internet

Q3 2017

Security assessment of an internet provider's back-end customer services and the modem infrastructure

Q3 2017

Security assessment of an electronic data exchange platform between energy providers

Q3 2017

Social Engineering Assessment of a production plant in order to test the resilience against industrial espionage

Q3 2017

External grey-box check of a financial treasury application

Q3 2017

External black-box check of the company's premises and single-sign-on solution for clients

Q3 2017

White-box security assessment of the test lab for public transportation before put into production

Q2 2017

Grey-box assessment of a recruiting software for various clinical institutions available over the Internet

Q2 2017

Open Source Intelligence Analysis (OSINT) of a company to identify possible IT, social engineering and physical attack points

Q2 2017

Grey-box assessment of a mobile app to view household electricity usage in combination with smart meters

Q2 2017

Security assessment of electronic charging stations

Q2 2017

Assessment of an Android and iOS app for service management

Q2 2017

External black-box check of the company's premises to identify possible attack points from the Internet

Q2 2017

Red Team Assessment on the headquarters and a production facility to test the resilience against targeted attacks

Q1 2017

Security assessment of mobile devices to evaluate the risks against device theft

Q1 2017

External black-box assessment of the company's premises against attacks from the Internet

Q1 2017

Grey-box assessment of service portal for customers

Q1 2017

Black-box check of the company's main web site

Q1 2017

Grey-box check of a mobile device management solution including central service and device agents

Q1 2017

Red Team Assessment on a power plant to test resilience against targeted critical infrastructure attacks

Q4 2016

Performing a phishing campaign to evaluate the awareness of management personnel

Q4 2016

Internal penetration test of a company's network and core services

Q4 2016

Security assessment of a fat-client for team collaboration

Q4 2016

Security assessment, including IT and web services and their configuration settings, of a data exchange platform between clinical institutions

Q4 2016

Assessmenet of IT infrastructure, web interface and APIs of analytical compontents of an enterprise-wide CRM solution

Q4 2016

IT security assessment of selected external web sites and and a data exchange platform for patients and doctors

Q4 2016

External penetration test of the organization's web site and other external facing services

Q4 2016

Binary and behavioural analysis of a security product deployed across the enterprise

Q3 2016

External grey-box check of a financial treasury application

Q3 2016

Re-check of an internal payment solution including IT infrastructure, server hardening measures and web interfaces

Q3 2016

Penetration test of a cloud solution for power plant providers

Q3 2016

Performing a security analysis of integrating smart cards into HSMs for network use

Q3 2016

Security assessment of a software license management solution

Q3 2016

IT penetration test of a team collaboration tool for enterprises, including encrypted chats, file exchange and video conferences

Q3 2016

Security assessment of security- and privacy-related issues concerning Google Chromebooks in a corporate environment

Q2 2016

Penetration test of an industrial network, including components, like VPN, HMIs, PLCs, engineering work station, etc., in a lab environment

Q2 2016

Vulnerability scanning workshop and consultation during internal vulnerability scans

Q2 2016

Review and re-design of the company's internal network design and recommendations for additional security measures

Q2 2016

Re-check of an internal, online PKI center (HSM, Java application server and infrastructure assessment)

Q1 2016

Penetration test of an electric power transformation substation's internal network including infrastructure, SCADA and control systems

Q1 2016

Penetration test of a third-party one-time-pad (OTP) solution for mobile devices (app) and desktops

Q1 2016

Grey-box penetration test of several internal high-profile targets within the network, including infrastructure and web-based checks

Q1 2016

External penetration test of the backend of an online banking solution

Q1 2016

Large-scale (> 6.000 IP addresses) black-box scanning with identification of vulnerabilities

Q1 2016

Security review of the architecture of a mobile entertainment systems for patients

Q4 2015

Support in the development of user and security guidelines for a web-based administration system

Q4 2015

Penetration test of a third-party system and network monitoring appliance

Q4 2015

Advanced penetration testing training for the company's development and security team, especially adapted to the company's needs

Q4 2015

Review and re-design of the company's internal network design and security policies

Q4 2015

External grey-box assessment of various internet-facing web sites of the company

Q4 2015

Internal white-box security assessment to secure an application used to communicate health-related information to public authorities

Q4 2015

External black-box assessment of internet-facing systems (intranet, e-learning, etc.) including infrastructure and web-based checks

Q4 2015

Penetration test of an ISP infrastructure from the viewpoint of an end-user (modem SW/HW hack, infrastructure check, …)

Q3 2015

External black-box check of a banking infrastructure

Q3 2015

Grey-box check of a web application for administering job applicants and members

Q3 2015

Assessment of an application written in Microsoft Excel

Q3 2015

Security check of an enterprise source code management platform fully integrated into Windows environments (Thick Clients)

Q3 2015

Grey-box check of a web application to manage power line customers

Q3 2015

Internal grey-box assessment of a business intelligence / warehouse environment

Q3 2015

External penetration test of a time registration web application for employees

Q3 2015

Penetration test of public transport system (management network, SCADA and vehicle control network)

Q2 2015

Grey-box check of an internal network and its PKI infrastructure

Q2 2015

Black-box check of an internal network

Q2 2015

External grey-box check of a financial treasury application

Q2 2015

Internal grey-box check of a fleet management system (telematics system)

Q2 2015

Internal white-box assessment of SCADA networks

Q1 2015

Red Team Assessment targeting the internal network, VoIP systems, mobile clients and dedicated offices and additional phishing campaign

Q1 2015

Security assessment of a hardened notebook installation for high-secure applications

Q1 2015

External black-box scan of all available Internet-facing systems of an enterprise

Q1 2015

Grey-box check of support portal for customers

Q4 2014

External black-box check of the company website

Q4 2014

White-box check of a secure environment for key and password storage

Q4 2014

Grey-box check of a data exchange platform for military and industry

Q4 2014

Grey-box check of an assessment platform for job applicants

Q4 2014

Grey-box security assessment of SCADA and PCL control network in transportation

Q4 2014

Grey-box check of a platform for managing orders and customers

Q3 2014

White-box assessment of a physical access control system and procedures

Q3 2014

Grey-box assessment of a satellite communication system for hazardous environments

Q3 2014

White-box physical security walk-through of the company’s head quarters

Q1 2014

White-box assessment of an internal payment solution and corresponding processes

Q1 2014

External black-box scan of all available Internet-facing systems of an enterprise

Q1 2014

White-box IT security assessment of live SCADA environment (power plant)

Q4 2013

External black-box security check a new company website

Q4 2013

Black-box assessment of a new Typo3 website for clients

Q4 2013

Reverse engineering of a BMS application (for physical access control, doors, bars and gates)

Q4 2013

Grey-box security assessment of a third-party remote administration software

Q4 2013

Re-check of a social media platform for large corporations

Q3 2013

Security awareness training for local security personnel

Q3 2013

Large-scale (> 18.000 IP addresses) black-box scanning with identification of vulnerabilities

Q3 2013

Red Team Assessment on a production facility for off-shore energy production to steal production plans

Q3 2013

Grey-box security assessment of an online bidding platform

Q3 2013

Red Team Assessment of a data center to gain physical access to the server room

Q3 2013

Grey-box security check of a mobile solution for order management

Q2 2013

Grey-box security assessment of an internal registration authority (RA)

Q2 2013

Penetration testing workshop to educate an internal team to conduct security assessments

Q2 2013

Grey-box security check of a web-based solution for management of excavations

Q2 2013

Grey-box security check of an online shop before its go-live

Q2 2013

Grey-box security assessment of an online-solution for order management

Q2 2013

Security architecture review of a customer self-service portal during development phase

Q1 2013

Grey-box assessment of an application running on SAP Enterprise Portal

Q1 2013

Black-box security assessment of a third-party, high-class video conferencing solution

Q1 2013

Large-scale black-box DMZ scanning with identification of vulnerabilities

Q1 2013

Grey-box security assessment of GPS location services

Q1 2013

Grey-box Red Team Assessment on a data center to gain physical access to the server room

Q4 2012

External black-box IT penetration test (infrastructure and web)

Q4 2012

Black-box assessment of an internal IT infrastructure

Q4 2012

Grey-box web assessment of a social media platform for big companies

Q4 2012

Grey-box assessment of an online platform for banking services

Q3 2012

Grey-box web application assessment of an online shop for end customers

Q3 2012

Grey-box assessment of an online portal for sales

Q3 2012

Black-box security check of a dedicated list of corporate websites including Denial-of-Service tests

Q3 2012

Grey-box security assessment of a self-service online portal for end users

Q3 2012

White-box physical security assessment and practical Red Team Test on dedicated security personnel

Q3 2012

Grey-box assessment of a single sign-on solution from the intranet for intranet applications

Q2 2012

Black-box assessment including reverse engineering of a Windows application used to manage large-scale Windows AD services

Q2 2012

Grey-box security check of a third-party remote VPN solution for the company

Q2 2012

Grey-box security assessment of a third-party mobile management platform

Q2 2012

Grey-box assessment of a Windows rich client application using web services

Q2 2012

Black-box assessment of the company's infrastructure and web applications accessible from the Internet

Q1 2012

Grey-box web security assessment of a cloud-based environment including in-house developed services

Q1 2012

Security analysis of the usage of Microsoft Outlook Web Access on untrusted clients

Q1 2012

Audit of a Microsoft SharePoint environment including some web applications for reporting

Q1 2012

Grey-box security assessment of SCADA power components (transportation)

Q1 2012

Black-box assessment of the external infrastructure and the online services provided by a company

Q1 2012

Red Team Assessments to test the overall security of an enterprise's proprietary research data

Q4 2011

OSINT analysis of a big company to identify possibly leaked company data on the Internet

Q4 2011

Grey-box infrastructure- and web application assessment for customer portals

Q3 2011

Grey-box infrastructure- and web application assessment of a new online platform

Q3 2011

Theoretical and practical security analysis of social media integrations

Q3 2011

Advanced IT Penetration Testing training for security consultants and penetration testers

Q3 2011

Grey-box security assessment of an electronic brokering platform

Q3 2011

Grey-box assessment of two user administration web applications

Q3 2011

Content Management System (CMS) audit and analysis of the company's website

Q3 2011

Grey-box assessment of a Microsoft SharePoint application

Q2 2011

Risk analysis workshop for a product in the development phase

Q2 2011

Grey-box web application and infrastructure assessment

Q2 2011

Large-scale black-box DMZ scanning with identification of vulnerabilities

Q2 2011

Internal grey-box SAP Enterprise Portal application assessment

Q1 2011

Review of group policies

Q4 2010

Infrastructure / SAP audit (DMZ) and web application audit of a customer portal

Q4 2010

Black-box server infrastructure, Typo3 and website assessment

Q4 2010