Secure software development – but how?

You want to make your software more secure and protect your development processes? With our background in software development and many years of experience in application security and DevSecOps, we provide fast and efficient help.

Find out more

Security in modern environments

Which code security scanners are suitable for our applications? What are SAST, DAST and IAST? How is security integrated into modern DevOps and cloud environments? How can I embed security into my Scrum processes and avoid quality gates that slow processes down? We help you to secure your software operations and developments, even in modern environments with agile processes.

Read more

Security and compliance for your applications and processes

No matter how technologically well-protected you are against attacks, technology is just one aspect of a company’s overall security strategy. How employees behave when security problems occur and how the flow of information is structured in an emergency are just as important. How is your risk management structured? What processes are in placein the event of a cyber attack? Which are the most important systems, and how compliant are you? We also help you to meet the requirements of ISO 27001 and the European General Data Protection Regulation (GDPR).

Read more

Hands-on training, coaching, code reviews and knowledge transfer

Your company can only be secure if you have appropriately trained staff. We offer practical, enjoyable training courses tailored to developers and architects. Our training will enable them to detectcurrent dangers, develop solution strategies, become familiar with hackers’ techniques and evaluate security incidents more accurately. We can also help you to set up your own training programme to embed security knowledge in your company on a permanent basis.

Read more

Most recent posts

  • Building modern SSDLCs - Securing Software at Scale

    Security in the last years was mostly focused on infrastructure protection, but application security has slowly grown in relevance and will likely continue to do so. Applications play a growing role for businesses and application specific security programs are often...

  • When your DNS leaks your infrastructure

    Reverse resolving a public IP - no problem here Tl;dr: A few nameservers might expose internal IP addresses and domain names when directly queried to reverse resolve private IPs. Check with dig -x or have a...

  • Story of a compromised wordpress server

    What to do when your PHP server gets hacked? This is a story of a compromised linux web server I recently dealt with. New PHP files had appeared that had nothing to do with the wordpress application running on...