Security in software development

You want to make your software more secure and protect your development processes? With our background in software development and many years of experience in application security, DevSecOps and Cloud environments, we provide fast and efficient support and consulting.

Find out more

Security in modern environments

Which code security scanners are suitable? What are SAST, DAST and IAST? How is security integrated into modern DevOps and cloud environments? How can security be embedded into Scrum processes and how can we avoid slow security processes that interfere with our CI/CD pipeline? We help you to secure your software development, operation and deployment processes.

Read more

Security and compliance for your applications and processes

No matter how technologically well-protected you are against attacks, technology is just one aspect of a company’s overall security strategy. How employees act when security problems occur and how the flow of information is structured in an emergency are just as important. How is your risk management structured? What processes are in place in the event of a cyber attack? What are the most important assets, and how compliant are you? We support you to meet the requirements of ISO 27001 and the European General Data Protection Regulation (GDPR).

Read more

Hands-on training, coaching, code reviews and knowledge transfer

Your company can only be secure if you have appropriately trained staff. We offer hands-on training courses tailored to developers and architects. Our training will enable them to detect current risks in the software landscape, develop solution strategies, become familiar with hackers’ techniques and evaluate security incidents more accurately. We can also help you to set up your own in-house training program to embed security knowledge in your company on a permanent basis.

Read more

Most recent posts

  • 7 major risks for your CI/CD pipeline

    When securing your CI/CD pipeline, it is not only about producing a secure product – it is also about securing the pipeline itself. Here are 7 major risks for your CI/CD pipeline and a few ideas on how to threatmodel...

  • The crazy world of building application security programs @ Elbsides

    Having had the opportunity to present a talk at Elbsides in Hamburg in 2019, we did exactly that :) Elbsides 2019 was the start of a new Security Conference in Hamburg in the Spirit of the BSides security conferences. Here...

  • Building modern SSDLCs - Securing Software at Scale

    Security in the last years was mostly focused on infrastructure protection, but application security has slowly grown in relevance and will likely continue to do so. Applications play a growing role for businesses and application specific security programs are often...