Services

In today's world, where the threat of cyber-attacks is constantly increasing and organizations are investing heavily in their security systems, Red Teaming is a key strategy. This advanced form of threat simulation tests the most robust security architectures under realistic attack conditions without the need for a separate test environment. Given the significant sums of money that organizations spend on protecting their networks and data, such realistic attack simulations are a critical element in verifying the effectiveness of these security investments.

Simulating complex and multi-layered attack scenarios not only uncovers vulnerabilities, but also strengthens response capabilities and organizational resilience. Particular attention is paid to reviewing the effectiveness of the Blue Team, whose response processes, analytical capabilities and speed of response make a decisive contribution to improving the cyber security culture. The aim of Red Teaming is to provide the maximum benefit to participating organizations by encouraging the continuous adaptation and improvement of their defenses against the increasingly sophisticated techniques of attackers, without evaluating their success or failure. Organizations that invest a significant portion of their security budget in improving their defenses are therefore encouraged to also invest in such realistic tests to prove the strength and effectiveness of their security architecture.

Die physische Sicherheit ist ein zentraler Bestandteil des ganzheitlichen Schutzkonzepts eines Unternehmens. Sie schützt nicht nur Gebäude und Anlagen, sondern auch Mitarbeitende, sensible Informationen und wertvolle Vermögenswerte.

Im Rahmen einer physischen Sicherheitsbewertung werden bestehende Schutzmaßnahmen – etwa Schließsysteme, Alarmanlagen oder Überwachungskameras – überprüft. Ziel ist es, potenzielle Schwachstellen zu erkennen, bevor sie von Unbefugten ausgenutzt werden können.

Angreifende nutzen oft unauffällige, aber wirkungsvolle Methoden, um Zutritt zu erhalten oder sensible Daten zu stehlen. Dazu zählen unter anderem:

• Tailgating: Eine unbefugte Person folgt einem Mitarbeitenden durch eine gesicherte Tür.
• Social Engineering: Durch überzeugende Geschichten oder gefälschte E-Mails versuchen Angreifer, Zutritt zu Gebäuden oder Systemen zu erhalten.
• Zugriff auf Hochsicherheitsbereiche: Etwa durch Eindringen in Serverräume, um vertrauliche Informationen oder Equipment zu entwenden.
• Einschleusen von Geräten: Kleine Computer oder andere Hardware werden im internen Netzwerk platziert, um Zugriff zu erhalten.
• Datenabgriff: Offen einsehbare Dokumente oder ungesicherte Papierunterlagen können sensible Informationen preisgeben.
• Manipulation von Endgeräten: Das Anbringen von Keyloggern oder Schadsoftware auf Computern und Laptops.
• Klonen von Zutrittskarten: Unbefugte kopieren oder stehlen Zutrittskarten, um Zugang zu gesicherten Bereichen zu erhalten.

‍

Our Initial Access Assessments simulate realistic phishing attacks to test the security awareness and responsiveness of your employees and uncover potential vulnerabilities. Our customized phishing campaigns use domains similar to your company's and create fake websites to trick your employees into revealing passwords or installing malware.

In addition to email phishing, we also test other channels:

• Social media: attackers impersonate employees or partners.
• Online forms: False login details on job application portals.
• Vishing: Manipulation through fake caller IDs.
• USB sticks: Distribution of USB sticks with malware.

We also carry out CEO fraud attacks, where attackers impersonate high-ranking employees to steal confidential information or money.

We also develop custom-written malware to measure the effectiveness of your XDR system. By combining different attack methods, we increase the chances of success and effectiveness of our assessments. On request, we can also simulate the procedures of known APT (Advanced Persistent Threats) groups to test your security measures under realistic conditions.

In an Assumed Breach Assessment, we assume that a device in your network has already been compromised. These tests skip the initial compromise phase and simulate scenarios where attackers already have access to identify vulnerabilities in the internal network and evaluate the effectiveness of your security measures.

Our assessments can be conducted as an overt test with active security measures such as XDR or as a white-box approach without countermeasures to uncover specific technical vulnerabilities.

Typically, we use a standard user to attempt to gain elevated privileges on the network. We then check both the server and client infrastructure for vulnerabilities. We also check the network segmentation to ensure that different networks such as client, server and guest networks are sufficiently separated from each other. We analyze network shares for sensitive data and evaluate the security of the WLAN infrastructure. We also focus on evaluating the configuration and effectiveness of your anti-virus and EDR systems.

On request, we can also simulate the procedures of known APT groups (Advanced Persistent Threats).

Our security checks for web applications uncover potential gaps and ensure the security of your applications and interfaces. These checks can be performed with or without authentication, as required. Manual checks always take priority to ensure a thorough and individual analysis.

With authenticated checks, we test the implementation of authentication and authorization by attempting to access protected areas. As part of the audit, critical functions such as registration or password resets are checked in detail in order to be able to rule out with a high degree of probability that they have been implemented correctly.

Our tests are based on the OWASP Testing Guide to identify and eliminate vulnerabilities such as SQL injection and cross-site scripting (XSS). This systematic and comprehensive methodology ensures that your web applications are optimally protected against current threats.