DevSecops

IT security is a holistic process. Particularly in application development, it can be of economic interest to identify security-relevant problem areas not at the time of release, but already in the coding process.

As an experienced consulting boutique specializing in penetration testing, we know the state-of-the-art standards, known or common attack vectors and hurdles in secure software development. The project knowledge of each penetration test ensures that we can adapt this knowledge and pass it on as part of our business consulting.

 

 

 

In this way, security risks can be identified at an early stage and taken into account during development, before further project cycles progress.

We support you in the following areas

Development and implementation of DevSecOps concepts

  • Sharpening the IT security culture among application developers
  • Introduction of security tools and further training of application developers (e.g. secure testing toolkits and integration into the CI pipeline)
  • Development standards such as Security by Design, Privacy by Design or Clean Code
  • Secure coding best practices (secure coding baselines, use of secure code scanning tools, manual code analyses)
  • Secure Coding Awareness Training
  • Incident Response Frameworks and Best Practices
  • Design, implementation and deployment of security assessment concepts

How we work

Sustainable

We create sustainable cybersecurity solutions through interdisciplinary approaches, because people need to understand why they should do what they should do. We support you with your cybersecurity strategy, internationally recognized security standards or security concepts. In doing so, we make cybersecurity measurable, more effective, for people, while reducing costs of ineffective cybersecurity measures.

After all, safety must pay for itself. This is achieved by creating appropriate safety measures that are similar to the probabilities of occurrence and damage levels of the risks.

Interdisciplinary

We understand your information security challenges: regulations, legal requirements, continuous operations challenges, and the rapid evolution of technology. In order to ensure consulting in high standards, we work with certified experts and strong principles. Through interdisciplinary work and the resulting insights, we increase the effectiveness, efficiency and pragmatism of security concepts – because any concept is only as effective as it is accepted by those around it.

Independent

We make recommendations for action not on the basis of partnerships, but on the basis of your need for protection, the existing conditions of your infrastructure, and other objectively measurable criteria.

Our experts also have proven specialized knowledge as well as various additional qualifications in the areas of data protection, criminology, forensics, and business administration and/or were partially employed in previous professional positions as, for example, a security officer. Police officers active.

Your contact

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Philipp Kalweit

Philipp Kalweit

Managing Partner

 

+49 40 285 301 257

hello@kalwe.it

Philipp Kalweit is an experienced IT security consultant on the topics of security awareness and offensive IT auditing. For the past six years, he has been advising and auditing clients from the SME and group environment, in particular ECB and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is on holistic IT security. He was honored for his work in 2019 by DIE ZEIT as “Hamburger of the Month” and in the same year was included in the Forbes “30 under 30 DACH” list.

 

Arrange a non-binding initial meeting now