IT Security Consulting
We support our customers in every organizational, technical or cultural challenge of IT security, because every technical challenge is also a challenge at the level of corporate culture. We think in terms of holistic solutions, use recognized consulting methods such as gap analyses and work independently of products. We use proven frameworks such as BSI IT-Grundschutz, ISO/IEC 2700x, COBIT, ITIL or NIST standards as a basis for consulting.
IT security means collaborative teamwork! This is precisely why we always work in teams of at least two experts. We think outside the box – with new ideas, fresh approaches and constantly changing constellations of proven expert teams.
Security is also a social issue: any security concept is only as effective as its acceptance and implementation by the user.
IT security is a holistic process. Particularly in application development, it can be of economic interest to identify security-relevant problem areas during the coding process rather than at the time of release.
As an experienced consulting boutique specializing in penetration testing, we know the state-of-the-art standards, the known and common attack vectors, and the hurdles in secure software development. The project knowledge gained from each penetration test ensures that we can adapt this knowledge and pass it on as part of our business consulting.
We support you in the following areas
Development and implementation of DevSecOps concepts
- Sharpening the IT security culture among application developers
- Introduction of security tools and further training of application developers (e.g. secure testing toolkits and integration into the CI pipeline)
- Development standards such as Security by Design, Privacy by Design or Clean Code
- Secure coding best practices (secure coding baselines, use of secure code scanning tools, manual code analyses)
- Secure Coding Awareness Training
- Incident Response Frameworks and Best Practices
- Design, implementation and deployment of security assessment concepts
How we work
We create sustainable cybersecurity solutions through interdisciplinary approaches, because people need to understand why they should do what they should do. We support you with your cybersecurity strategy, internationally recognized security standards or security concepts. In doing so, we make cybersecurity measurable and more effective for people, while reducing the costs of ineffective cybersecurity measures.
After all, security must pay for itself. This is achieved by creating appropriate security measures that are proportionate to the probabilities of occurrence and damage levels of the risks.
We understand your information security challenges: regulations, legal requirements, the challenges of continuous operations, and the rapid evolution of technology. To ensure consulting of a high standard, we work with certified experts and strong principles. Through interdisciplinary work and the resulting insights, we increase the effectiveness, efficiency and pragmatism of security concepts – because any concept is only as effective as it is accepted by those around it.
We make recommendations for action not on the basis of partnerships, but on the basis of your need for protection, the existing conditions of your infrastructure, and other objectively measurable criteria.
Our experts also have proven specialized knowledge as well as various additional qualifications in the areas of data protection, criminology, forensics, and business administration, and/or some of them were employed in previous professional positions as, for example, security officers or police officers.
Your contact persons
You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.
Dipl-Inf. George Koch
Senior Business Partner
+49 40 285 301 252
+49 40 285 301 257