IT security – a breath of fresh air

Hackers are creative and keep finding new ways into companies. Staying one step ahead of attackers takes fresh ideas, time and again.

KALWEIT ITS – We bring a breath of fresh air.

Penetration test

The supreme discipline

Red Teaming Penetration Test

IT security strategies rest on the fundamental pillars of prevention, detection and response: IT infrastructure should be state of the art, an appropriate IT security culture should be maintained, and physical IT security should be ensured.

But can all of your security strategies withstand an attack? Many security concepts sound tempting in theory but fail in practice, and which of them are actually effective can rarely be judged without a practical review. It is time to see whether your security measures are paying off.

Attackers usually pick the most vulnerable link in a chain – and that doesn’t always have to be IT. Often, attack vectors in physical IT security or even in the company’s security culture can be used to obtain information worth protecting. As part of the Red Teaming penetration test, we check your company holistically – using any means that could also be available to a potential attacker.

This gives you a realistic view of your company’s defense and response capabilities.

Attackers spend an average of 56 days inside a compromised corporate network before they are discovered (figure for the EMEA economic area).

We test holistically:

  • Technology: We carry out attacks against your corporate IT.
  • People: We check how your employees react to real hacker attacks. Is IT security really part of the corporate culture?
  • Physical IT security: We check how your company building, server rooms and other relevant facilities of your company are secured.
  • Recognized standards: We work according to recognized standards such as ISECOM OSSTMM, PTES and the OWASP Testing Guide, as well as the specifications and recommendations of the TIBER-EU Framework of the European Central Bank. Furthermore, all our security audits are based on the recommendations of the German Federal Office for Information Security. In addition, our projects are insured against financial loss as well as personal injury and property damage.

Penetration test

Penetration testing not only finds security vulnerabilities, it also saves money.
The average cost per security incident was $3.86 million (global figure, 2018).

What we know

We do not deliver hypotheses but clarity: you know exactly what (still) needs to be done. We help companies determine the actual security posture of their IT, independently and without compromise. In doing so, we act like potential attackers, identifying attack vectors and vulnerabilities through real-world attacks. This gives you a realistic and uncompromising insight into the current security situation of your IT.


The goal of penetration testing is to efficiently penetrate information technology systems. We act like potential attackers, identify attack vectors and exploit them technically. This gives you a realistic view of the (in)security of your IT solutions and enables you to close security gaps before attackers exploit them.

As an independent consulting company specializing in the disciplines of IT security, performing penetration tests is one of our supreme disciplines. Our standard is penetration testing with a low degree of automation and a transparent, traceable approach. Industry-specific requirements from the banking or healthcare sectors do not pose a challenge for us.

We believe that IT security must be different today. Security means trust in independent solutions. Security is not a product but a continuous process. This is exactly why we work with holistic consulting methods and treat the company as a whole as a security factor, just as an attacker would. Because a concept alone does not make a system.
We work according to recognized standards such as PTES, NIST, the OWASP Testing Guide, PCI-DSS and the Cyber Kill Chain, as well as the implementation concept for penetration tests of the Federal Office for Information Security. In addition, our projects are insured against financial loss as well as personal injury and property damage.

We support you with any kind of penetration testing:

  • Perimeter test
  • Client test
  • Insider (internal attacker) test
  • Testing of web applications/application software/mobile applications
  • Testing of core banking systems and retail networks
  • Security Review
  • Engine control unit tests
  • IoT device testing
  • Cloud environment tests (AWS, Microsoft Azure or Google Cloud)
  • Flutter solution testing
  • Extensive projects with more than 400 project days per year
  • Strong expertise in performing penetration testing in banking and finance, healthcare, critical infrastructure, and retail industries

Automotive Cybersecurity

The advancing process of digitalization does not stop at the automotive world.

The increasing number of ECUs in automobiles, as well as the greater networking of vehicles (C2X), also increases the risk of unauthorized access and manipulation of safety-critical systems.

Particularly nowadays, vehicles are networked in numerous ways, both internally and externally. For example, navigation devices read information from the CAN bus and at the same time offer external access via interfaces such as Bluetooth, WLAN or LTE. Even the mandatory OBD-II interface represents a significant attack vector. One example of the manipulation of automotive control units is the trend towards so-called “map optimization” (engine map tuning).
With more advanced knowledge, information transmitted via the CAN bus can also be used to manipulate a wide variety of vehicle functions or to add functionality. The in-depth networking of a wide range of control units in the vehicle enables pioneering features such as autonomous driving, cruise control systems and improved navigation.

A clear and present threat

The manipulation of control units is therefore a clear and present threat to car drivers, workshops, suppliers and car manufacturers, whether through a change in mileage, a supposed increase in performance or the manipulation of parameters on the CAN bus.

IT Security Check

The IT Security Check offers small and medium-sized companies an initial assessment of the general IT security situation in their own company.


  • Where are we particularly well positioned and where do we still need to catch up?
  • Clarity: knowing exactly what still needs to be done
  • Insight into which measures are indispensable and which are of little relevance

The check is offered in three variants: 2, 3 or 4 days of implementation with several consultants. Each variant includes:

  • Review of technical & organizational IT security based on VdS 10000
  • QuickCheck of corporate web presence and external IPs
  • Recommendation catalog for the further procedure
  • Management Report (PDF format)
  • Final interview

OSINT research

Open Source Intelligence (OSINT) is a term that originates in the intelligence field and describes a research method that uses exclusively passive tools to examine freely available data with a specific purpose in mind.

As part of OSINT research, we identify compromised data sets such as confidential documents, credentials or technical information that would be useful for specific attack attempts along the cyber kill chain. These provide a clear picture of your company’s current IT security situation. Since only passive tools are used, this type of security check can be performed without violating legal requirements (in particular §202a-c and §303a-b of the German Criminal Code).

OSINT searches can be used, among other things, as a more detailed phase of information gathering as part of a penetration test.

Procedure of the tests

  • Initial interview
  • Conversation with all parties involved
  • Implementation
  • Documentation
  • Risk assessment
  • Results presentations

During the initial meeting, we get to know you and your company better. In the second meeting, we discuss the next steps together with all decision-makers and determine the penetration testing methodology to be applied.

Once the penetration test has identified possible attack vectors and determined their probability of occurrence and potential damage, we present the results to you in a final report.

This includes a management summary, a detailed description of the inherent risks, and a proof of concept so that you can track the vulnerabilities internally with your own IT experts.

At the heart of the documentation are the comprehensive recommendations for action, which you can use to carry out independent remediation of the weak points in a simple and comprehensible manner.

In addition to a free debriefing to clarify open questions or ambiguities, we are also happy to provide you, on request, with a confirmation that a penetration test has been carried out. You can use this as proof for customers and business partners.



The final report contains the following components:

  • Project frame data (project name, contact person, test period, scope)
  • Management summary
  • Description of the approach and methods used
  • Summary and assessment of the identified vulnerabilities with regard to their criticality (including CVSS scores and CVE entries), together with a technical proof of concept
  • Detailed technical description of the identified vulnerabilities and inherent risks
  • Recommended measures to eliminate each vulnerability, plus a tabular listing of all vulnerabilities (Excel)

Your contact persons

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Dipl-Inf. George Koch

Senior Business Partner


+49 40 285 301 252

Georg Koch is a Senior Business Partner at KALWEIT ITS and is responsible for international and national projects at the strategic level in the SME and corporate environment. He has 30 years of professional experience in the IT, telecommunications and energy sectors, including middle-management roles with European responsibility at Sharp Electronics, Philips and Shell Solar, and as former managing director of an IT company (160 employees, over 50 million euros in sales).


Philipp Kalweit

Managing Partner


+49 40 285 301 257

Philipp Kalweit is an experienced IT security consultant in the areas of security awareness and offensive IT auditing. For the past six years, he has been advising and auditing clients from the SME and corporate environment, in particular ECB- and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is holistic IT security. In 2019 he was honored for his work by DIE ZEIT as "Hamburger of the Month" and in the same year was included in the Forbes "30 under 30 DACH" list.