We conduct black box, grey box and white box penetration tests and structured assessments for infrastructures and applications. We offer end-to-end penetration services, including initial scoping, execution, status follow-up and re-test services.

We provide a holistic vulnerability management service, including customised vulnerability advisory services, infrastructure and application vulnerability scans, false-positive verification, adapted scoring of vulnerabilities, dispatching and vulnerability resolution support. 

A solid security policy framework is the foundation for secure enterprise culture, secure operations, and processes. In agreement with our clients, we create and update hardening procedures, incorporate IT operations feedback and apply industry best practices.

The security state of large and complex IT infrastructures can be reasonably managed only through automation. We offer consulting services for automated technical security compliance verification, monitoring and remediation. Automation and rigorous monitoring is the key to achieving transparency and efficiency in the IT organizations and effectively supports meeting certification demands like ISO/SOC.

You develop software? Then, protect your crown jewels. Software build pipelines are the heart of software production and must meet the highest security standards to ensure the availability and foremost, the integrity of your delivered service or software. We perform security assessments and offer security architecture consulting to enable secure software delivery.

We support you in defending against cyber attacks. We provide consulting services in the field of  SOC and SIEM. We help you derive and improve central concepts such as the Cyber ​​Killchain or MITRE ATT&CK®. We work with companies to create and improve security monitoring use cases for SIEM platforms like Splunk, QRadar, etc.

A roadmap to SAP NetWeaver Security helping you prioritise tasks and activities of your SAP Security Program

The five most important technical security measures you need to consider in order to protect you SAP NetWeaver systems from a security breach

A comprehensive list of security-relevant SAP NetWeaver profile parameters and a WALLSEC recommendation on how to configure those 

Forward your SAP NetWeaver Audit Log to a Splunk Indexer without the need for any third party adapters, add-ons and tools 

Software CI/CD Build Pipelines are by far the finest hacker targets - hackers need to compromise an environment that is anyways difficult to secure and the vendor will take care of the logistics and distribution of the hacker's malware