IT Sicherheit – frischer Wind
IT security – a breath of fresh air
Sécurité informatique – un vent de fraîcheur
Seguridad informática – un soplo de aire fresco
Hacker sind kreativ und finden immer neue Wege in Unternehmen einzudringen. Um Angreifern weiterhin einen Schritt voraus zu sein, braucht es immer wieder neue Ideen.

KALWEIT ITS – Wir bringen frischen Wind.
Hackers are creative and always find new ways to penetrate companies. To stay one step ahead of attackers, new ideas are always needed.

KALWEIT ITS – We bring a breath of fresh air.
Les pirates informatiques sont créatifs et trouvent toujours de nouveaux moyens de s'introduire dans les entreprises. Pour garder une longueur d'avance sur les attaquants, il faut sans cesse de nouvelles idées.

KALWEIT ITS – Nous apportons un vent de fraîcheur.
Los hackers son creativos y siempre encuentran nuevas formas de penetrar en las empresas. Para estar un paso por delante de los atacantes, siempre se necesitan nuevas ideas.

KALWEIT ITS – Traemos un soplo de aire fresco.


We create holistic solutions and make cybersecurity measurable.

We support our customers in every organizational, technical or cultural challenge of IT security. Because every technical challenge is also a challenge at the level of corporate culture. We think in terms of holistic solutions, using recognized consulting methods such as GAP analyses and working independently of products. We use proven frameworks such as BSI IT-Grundschutz, ISO/IEC 2700x, COBIT, ITIL or NIST standards as a basis for consulting.

Think new!

IT security means collaborative teamwork! This is precisely why we always work in teams of at least two experts. We think outside the box – with ever new ideas, fresh approaches and constantly new constellations of proven expert teams.


Because security is also a social issue, because any security concept is only as effective as it is accepted and implemented by the user.


IT security is a holistic process. Particularly in application development, it can be of economic interest to identify security-relevant problem areas not at the time of release, but already in the coding process.

As an experienced consulting boutique specializing in penetration testing, we know the state-of-the-art standards, known or common attack vectors and hurdles in secure software development. The project knowledge of each penetration test ensures that we can adapt this knowledge and pass it on as part of our business consulting.




In this way, security risks can be identified at an early stage and taken into account during development, before further project cycles progress.

We support you in the following areas

Development and implementation of DevSecOps concepts

  • Sharpening the IT security culture among application developers
  • Introduction of security tools and further training of application developers (e.g. secure testing toolkits and integration into the CI pipeline)
  • Development standards such as Security by Design, Privacy by Design or Clean Code
  • Secure coding best practices (secure coding baselines, use of secure code scanning tools, manual code analyses)
  • Secure Coding Awareness Training
  • Incident Response Frameworks and Best Practices
  • Design, implementation and deployment of security assessment concepts

How we work


We create sustainable cybersecurity solutions through interdisciplinary approaches, because people need to understand why they should do what they should do. We support you with your cybersecurity strategy, internationally recognized security standards or security concepts. In doing so, we make cybersecurity measurable, more effective, for people, while reducing costs of ineffective cybersecurity measures.

After all, safety must pay for itself. This is achieved by creating appropriate safety measures that are similar to the probabilities of occurrence and damage levels of the risks.


We understand your information security challenges: regulations, legal requirements, continuous operations challenges, and the rapid evolution of technology. In order to ensure consulting in high standards, we work with certified experts and strong principles. Through interdisciplinary work and the resulting insights, we increase the effectiveness, efficiency and pragmatism of security concepts – because any concept is only as effective as it is accepted by those around it.


We make recommendations for action not on the basis of partnerships, but on the basis of your need for protection, the existing conditions of your infrastructure, and other objectively measurable criteria.

Our experts also have proven specialized knowledge as well as various additional qualifications in the areas of data protection, criminology, forensics, and business administration and/or were partially employed in previous professional positions as, for example, a security officer. Police officers active.

Your contact

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Philipp Kalweit

Philipp Kalweit

Managing Partner


+49 40 285 301 257

Philipp Kalweit is an experienced IT security consultant on the topics of security awareness and offensive IT auditing. For the past six years, he has been advising and auditing clients from the SME and group environment, in particular ECB and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is on holistic IT security. He was honored for his work in 2019 by DIE ZEIT as “Hamburger of the Month” and in the same year was included in the Forbes “30 under 30 DACH” list.