Cybersecurity for a
digital world from
Who we are
“Cyberattacks are the biggest business risk in Europe.”
World Economic Forum 2019 Regional Risks for Doing Business, insight report
KALWEIT ITS – stands for a breath of fresh air in IT security. As one of the leading consulting boutiques specializing in manual penetration testing, we are committed to bringing new perspectives to our clients’ IT security. Whether medium-sized businesses or corporate groups, customized solutions are our mission. In our auditing and consulting activities, we always bring in the perspective of real attackers. In this way, we find vulnerabilities in IT systems that would otherwise be impossible to detect.
For five years, both DAX-listed and a large number of medium-sized companies have trusted our independent expertise. We are passionate and experienced IT security consultants, helping our clients’ IT security departments to protect their systems from the biggest European business risk: cyber attacks.
For our work we were included in the Forbes 30u30 DACH list in 2019 and portrayed as “Hamburger of the Month” by DIE ZEIT.
We minimize cyber risks holistically and risk-oriented according to the Pareto principle. This means minimizing 80% of the risks by 20% of the effort.
We want to demystify the image of the hacker and make cybersecurity understandable, actionable and natural for everyone.
Cyber attacks are the biggest business risk in Europe – with passion, heart and a good dose of curiosity, we want to work on making that history soon.
We bring a breath of fresh air to your company’s IT security.
How we work
We take a holistic view of cyber risk mitigation. Because only by uniting technology and people can you sustainably develop new perspectives and securely shape companies.
We look beyond our own backyard: many attacks take place out of Eastern Europe and Asia. This is precisely why we work with international teams of experts at our locations in Vienna, Kiev and Singapore. Diverse perspectives – because attackers are not only from Germany and cultural differences also play a role in finding solutions/resolving conflicts.
Our experts also have proven specialized knowledge as well as various additional qualifications in the areas of data protection, criminology, forensics, and business administration and/or were partially employed in previous professional positions as, for example, a security officer. Police officers active.
Sustainable and independent
A breath of fresh air – We believe that IT security has to be different today. Security means trust in independent solutions. Safety is not a product, but a continuous process. This is precisely why we work with holistic consulting methods and understand companies as a holistic security factor – just as an attacker would. Because a concept does not make a system.
Furthermore, as an independent consulting firm, we are free from partnerships to specific technologies and IT products, so our consulting work is unbiased and independent.
Because safety is also a social issue. After all, any security concept is only as effective as it is accepted and implemented by the user. We combine a breath of fresh air with decades of expertise from our consultants. An interplay of computer science, social sciences and psychology to design the most suitable solution in proven international project teams. In addition, our work is based on recognized standards such as BSI IT-Grundschutz, OWASP Testing Guide, COBIT, ITIL, ISO/IEC 2700x or NIST.
Pareto principle – proven expert knowledge
Our specialization in penetration testing ensures that we are aware of current attack trends. We understand the attack strategies because we are the attackers. More than 50 penetration tests a year ensure that we know exactly where vulnerabilities can be found, which IT security strategies are particularly effective, and what often causes projects to fail. The knowledge gained from each penetration test ensures that we can use this practical knowledge effectively in accordance with the Pareto principle. Our consulting approach: minimize 80% of cyber risks through 20% consulting activity.