We protect you against the biggest business risk in the world – cyber attacks.

Who we are

“Cyber attacks are the biggest business risk worldwide.”

Allianz Risk Barometer 2024

KALWEIT ITS – A breath of fresh air in IT security

As an independent consulting boutique with a focus on manual penetration tests, we bring fresh perspectives to our clients’ IT security.
Whether medium-sized companies or large corporations – customized solutions are our claim.
We think like real attackers to discover security vulnerabilities that others overlook.

For seven years, DAX companies as well as numerous medium-sized companies have placed their trust in us.
With passion and experience, we support IT security departments in protecting their systems against the biggest business risk in Europe: Cyberattacks.

High project volumes or short-term implementation are no problem thanks to our exclusively permanent team.

For our work, we were included in the Forbes 30 under 30 DACH list in 2019 and named “Hamburger of the Month” by DIE ZEIT.

CONSULTING APPROACH

We minimize cyber risks holistically and risk-oriented according to the Pareto principle. This means minimizing 80% of the risks by 20% of the effort.

Certified

Our team consists of permanently employed IT security experts, most of whom have an academic background and recognized certificates.
As in-depth specialists, they have been focusing exclusively on penetration testing for years.
We deliberately do not use subcontractors in order to guarantee quality, trust and expertise.

DNA = passion

When you turn your hobby into a profession, one thing becomes very clear: passion and lifeblood become the DNA of the company.

Our goal

We bring a breath of fresh air to your company’s IT security.

How we work

We take a holistic view of cyber risk mitigation. Because only by uniting technology and people can you sustainably develop new perspectives and securely shape companies.

Good reasons for us

01

Highly specialized expert knowledge

We think outside the box:

Automated systems support us in our work, but to be really sure, we test manually to find every weak point.

In addition, our final documents and reports are so detailed that a considerable amount of consulting work is no longer required afterwards. Our documentation work is unique in our industry.

We also have high professional standards for ourselves: We only employ specialists with many years of pentesting experience and we work exclusively with permanent colleagues.

 

02

Sustainable and independent

A breath of fresh air – We believe that IT security has to be different today. Security means trust in independent solutions. Safety is not a product, but a continuous process. This is precisely why we work with holistic consulting methods and understand companies as a holistic security factor – just as an attacker would. Because a concept does not make a system.

Furthermore, as an independent consulting firm, we are free from partnerships to specific technologies and IT products, so our consulting work is unbiased and independent.

03

Interdisciplinary

Because safety is also a social issue. After all, any security concept is only as effective as it is accepted and implemented by the user. We combine a breath of fresh air with decades of expertise from our consultants. An interplay of computer science, social sciences and psychology to design the most suitable solution in tried and tested project teams. In addition, our work is based on recognized standards such as BSI IT-Grundschutz, OWASP Testing Guide, COBIT, ITIL, ISO/IEC 2700x or NIST.

Our experts also have proven specialized knowledge as well as various additional qualifications in the areas of data protection, criminology, forensics, and business administration and/or were partially employed in previous professional positions as, for example, a security officer. Police officers active.

04

Outstanding references

A good consultant knows many industries – and even more roads that lead to Rome.
We have gained extensive experience in various industries and are very familiar with the specific IT compliance requirements, including DORA, BAIT, VAIT and DiGAV.
Thanks to this knowledge and our expertise in current best practices, numerous companies trust us.
These include medium-sized companies with 50 to 500 employees, critical infrastructures with up to 400,000 employees and 5 of the 50 largest German banks.
Our long-standing customers also include energy suppliers, lotteries, building cooperatives and many more.