OneConsult GmbH - Selected References since 2006
 
 
 

References

Our clients value the top-quality services provided by OneConsult, and see us as a reliable, trustworthy and professional partner. Members of our staff also publish regularly in the specialist media. Our client base covers a broad spectrum of sectors, ranging from banks, energy and water supply companies, healthcare providers, insurance companies, media enterprises, to the pharmaceutical industry, public administration, retailers, telecommunications and transportation. For reasons of discretion, the list below does not include the names of our clients. However, we will be pleased to provide references and letters of recommendation following consultation with the companies concerned. We do not state any references in the fields of Computer Forensics because of the increased sensitivity of such projects. Here is a selection of our projects (all Penetration Tests and most of the Application Security Audits are OSSTMM-compliant):

Completion Client and Project Description
Q2/2008

Power provider

Switzerland
Security audit DMZ, LAN (technical security tests of selected systems in the LAN and in the DMZ, in the form of internal and external penetration tests, security scans and system audits)
Q2/2008

Cantonal bank

Switzerland
Web application penetration tests (security audit of several web servers)
Q2/2008

Insurance company

Switzerland
Web application audit (technical security tests of a web server and web services including penetration tests)
Q2/2008

Retail group

Switzerland
DMZ penetration test (remotely conducted technical security tests by penetration tests of selected systems in the DMZ and protocol tunneling tests)
Q2/2008

Insurance group

Switzerland
Technical security tests notebooks (comprehensive technical security tests of a client-image and system hardening with focus on wireless access)
Q2/2008

Company involved in security printing

Switzerland
DMZ security audit (remotely conducted penetration tests in the DMZ and audit firewall ruleset)
Q1/2008

Publishing group

Switzerland
Coaching on development of the IT security strategy and the IT security guideline (ISO/IEC 27001/27002-compliant)
Q1/2008

Insurance company

Switzerland
Coaching on evaluation of the future IT-outsourcer
Q1/2008

Business information service

Switzerland
DMZ penetration test (remotely conducted technical security tests of the systems in the DMZ)
Q1/2008

Producer of protective packages and formed technical parts

Germany
IT security audit (comprehensive technical security tests by internal and external penetration tests and security scans)
Q1/2008

National register of the federal administration

Switzerland
DMZ penetration test (testing firewall and all systems in the DMZ from the external perspective)
Q1/2008

Company involved in security printing

Germany
DMZ penetration test (testing firewall and all systems in the DMZ and in the LAN/WAN and digital penetration into the client's LAN using a test trojan)
Q1/2008 Insurance company Switzerland
Web application penetration test (in-depth security test of a web application)
Q4/2007 Power and gas group Germany

DMZ penetration test and security scan (testing firewalls and all systems in the DMZs from the external perspective)

Q4/2007 Outsourcing company Switzerland
Security audit (remotely conducted penetration tests of several DMZs and onsite tests of critical systems)
Q4/2007 Research center of an automotive manufactorer Germany

Development project in IT security of vehicle telematics systems

Q4/2007 Company in the semiconductor sector Germany
IT security audit (comprehensive technical security tests by internal and external penetration tests and security scans)
Q4/2007 Insurance company Switzerland
Web application security audit (security test of a web application that communicates via pdf forms)
Q4/2007 Tourism group Switzerland
Web application audit (application security audit incl. penetration tests)
Q4/2007 Bank Switzerland
Internet Banking Portal penetration test (security audit of the Internet banking application and coaching of the client's project team)
Q4/2007 Machine works Germany
IT security audit (comprehensive technical security tests by internal and external penetration tests and security scans)
Q4/2007 Telecommunications group Switzerland
DMZ penetration test (security audit of selected systems in the DMZ)
Q4/2007 Media group (print and e-media) Switzerland
Information Security Coaching (several sub-projects: conceptional security audit of the european country subsidiaries, development of the information security strategy, security awareness coaching and coaching of the client's project team)
Q4/2007 Cantonal bank Switzerland
DMZ penetration test (security audit of selected systems in the DMZ)
Q4/2007 Chocolate group Switzerland
War driving (security audit of the wireless networks and coaching of the client's project team)
Q4/2007 Telecommunications group Switzerland
Application security audit (privileged and unpriviledged penetration tests of a web application and coaching of the client's project team)
Q4/2007 Media company (television) Switzerland
DMZ penetration test (security test of the systems in the DMZ)
Q4/2007 Company involved in security printing Switzerland
FW/VPN penetration test (security audit of the firewall and the VPN gateway and coaching of the client's project team)
Q4/2007 Insurance company Switzerland
LAN/WAN penetration test (security test of selected systems in the LAN/WAN)
Q4/2007 Media company (print and e-media) Switzerland
DMZ penetration test (security test of the systems in the DMZ, intense VPN tests and protocol tunneling tests)
Q4/2007 Retail group Switzerland
Security training (presentation of hacking/security testing techniques and brief introduction of the OSSTMM)
Q4/2007 Circus Switzerland
WLAN and internet connection security audit (war driving of the WLAN and Bluetooth networks and ethical hacking of the internet connection)
Q4/2007 Insurance company Belgium
DMZ penetration test (security audit of selected systems in the DMZ and coaching of the client's projekt team)
Q3/2007 Insurance company Switzerland
Security audit DMZ, LAN and VoIP (penetration tests of the DMZ, the LAN and the VoIP infrastructure and coaching of the client's project team)
Q3/2007 Cantonal bank Switzerland
Security audit trading portals (penetration test of the web applications from the external view and coaching of the client's project team)
Q3/2007 Private bank Switzerland
Security audit VPN gateways (penetration test from the external view and configuration review)
Q3/2007 Lottery company
Switzerland
Application security audit (holistic security test of a web application incl. penetration tests, conceptional review and coaching of the client's project team)
Q3/2007 Kitchen and bath manufacturer
Germany
Security audit (ethical hacking, penetration tests and security scans of chosen systems from the internal and external perspective, war driving, firewall ruleset audit and coaching of the client's project team)
Q3/2007 Power group
Switzerland
Security training (presentation of security testing techniques and the verification of detected vulnerabilities, short introduction to OSSTMM and hands on training)
Q3/2007 Web marketing company
Panama
Application security audit of an online marketplace and system hardening coaching of the system operators
Q3/2007 Power group
Switzerland
Security audit (penetration test of all systems in the DMZ, security scan of hundreds of systems in the LAN/WAN and ethical hacking of selected systems, protocol tunneling tests and coaching of the client's project team)
Q2/2007 Lingerie and underwear manufacturer
Switzerland
DMZ penetration test (security test of all systems in the DMZ from the external perspective, protocol tunneling tests, firewall ruleset audit, and coaching of the client's project team)
Q2/2007 Cantonal bank
Switzerland
Web server security audit (penetration test and local system audit)
Q2/2007 Mounting system and tool company
Switzerland
DMZ security audit (penetration test of the systems in the DMZ from the external perspective and protocol tunneling tests)
Q2/2007 Telecommunications group
Switzerland
Security audit (penetration tests of chosen systems from the external and internal perspective, system audits, and coaching of the client's project team)
Q2/2007 Container glass manufacturer
Switzerland
DMZ security audit (penetration test of all systems in the DMZ from the external perspective, international security scan of selected systems in LAN/WAN, digital penetration into the client's LAN using a test trojan, and coaching of the client's project team)
Q2/2007 Precision instruments manufacturer
Switzerland
DMZ penetration test (security test of all systems in two DMZs from the external perspective, digital penetration into the client's LAN using a test trojan, and coaching of the client's project team)
Q1/2007 Administration (on behalf of SECUDE)
UAE
Security audit (technical security tests of chosen systems in the LAN and DMZ, system hardening, and coaching of the client's project team)
Q1/2007 Insurance company
Switzerland
Security audit (penetration test of infrastructure components, application security audit of two applications, and coaching of the client's project team)
Q1/2007 City administration
Switzerland
DMZ security audit (penetration test of all systems in the DMZs from the external perspective, digital penetration into the client's LAN using a test trojan, and coaching of the client's project team)
Q1/2007 Telecommunications group
Switzerland
Nessus training (training of employees in configurating and using the security scanner Nessus and interpreting and verifying its results)
Q1/2007 Energy company (electricity, gas and water) Switzerland
SAP application security audit (holistic security audit of the central SAP application and coaching of the client's project team)
Q4/2006 Power and gas group Germany
DMZ security scan (testing firewalls and all systems in the DMZs from the external perspective, partially penetration tests, digital penetration into the client's LAN and VPN deep inspection)
Q4/2006 Media group Switzerland
Coaching on development of the IT security strategy and the IT security guideline (ISO/IEC 27001/27002-compliant)
Q4/2006 Major bank Switzerland
Application security audit (holistic security audit of an intranet application)
Q4/2006 National security organization Switzerland
Drafting of various security concepts (including risk analyses) in accordance with HERMES, BS 7799 and GSHB
Q4/2006 Private bank Switzerland
Web application penetration test (technical security audit from the external perspective)
Q4/2006 Pension fund Switzerland
DMZ/LAN security audit (penetration test of firewall and all systems in the DMZ and the LAN from the external and internal perspective, VPN deep inspection, war driving, digital penetration into the client's LAN, and coaching the client's project team)
Q4/2006 Credit card company Switzerland
PDF form security audit (application security audit of an interactive PDF form regarding security-related functionalities and its implementation)
Q4/2006 Digital marketing services and technology supplier Germany
DMZ penetration test (testing firewall and all systems in the DMZ from the external perspective, digital penetration into the client's LAN, and coaching the client's project team)
Q4/2006 Beverage producer Switzerland
DMZ penetration test (testing firewall and all systems in the DMZ from the external and internal perspective, digital penetration into the client's LAN, VPN deep inspection, and coaching the client's project team)
Q4/2006 Telecommunications group Switzerland
DMZ penetration test (testing all systems in the DMZs from the external and internal perspective, digital penetration into the client's LAN using a test trojan, and coaching the client's project team)
Q4/2006

Retail group

Switzerland
Web application penetration test (technical security audit of a web application on application and system level and coaching the client's project manager)
Q3/2006 Insurance company Switzerland
DMZ penetration test and LAN/WAN security scan (technical security audit of the firewall and all systems in the DMZ and in the LAN/WAN, digital penetration into the client's LAN using a test trojan, coaching the client's project team)
Q3/2006 Company involved in security printing Germany
DMZ penetration test and LAN/WAN security scan (testing firewall and all systems in the DMZ and in the LAN/WAN, digital penetration into the client's LAN using a test trojan, coaching the client)
Q3/2006

Food importing and processing operation at a retail consortium

Switzerland
Coaching on development of the IT security strategy and the IT security guideline (ISO/IEC 27001/17799-compliant)
Q3/2006 Property services company Switzerland
DMZ penetration test and LAN/WAN security scan (testing firewall and all systems in the DMZ, testing selected systems in the LAN/WAN, digital penetration into the client's LAN using a test trojan, coaching the client's project manager)
Q3/2006 IT provider for a national security organization Switzerland
Analysis of a VPN solution and coaching the client's project manager
Q3/2006 Insurance company Switzerland
Drawing up guidelines (including checklists for various client groups and project phases) on Security Requirements for Web Applications targeted at application officers and programmers
Q3/2006 Cantonal compensation office Switzerland
DMZ penetration test including ethical hacking (testing firewall and all systems accessible via the Internet, digital penetration into the client's LAN using a test trojan, coaching the client's project manager)
Q3/2006 Insurance company Switzerland
DMZ penetration test including ethical hacking (testing firewall and all systems in the DMZs from the external and internal perspective, digital penetration into the client's LAN using a test trojan, specific system audits and coaching the client's project team)
Q2/2006 Company in the semiconductor sector Germany
Software engineering and functionality expansion for a security solution
Q2/2006 National security organization Switzerland
Drafting of various security concepts (including risk analyses) in accordance with HERMES, BS 7799 and GSHB
Q2/2006 Company involved in conveying and processing systems for the printing industry Switzerland
Coaching on development of the IT security strategy and the IT security guideline (ISO/IEC 27001/17799-compliant)
Q2/2006 Mounting system and tool company Switzerland
LAN/WAN security scan including ethical hacking (security testing of selected systems worldwide in the LAN/WAN, digital penetration into the client's LAN using a test trojan, coaching the client's project team)
Q1/2006 Pharmaceutical and chemical corporation Switzerland
Coaching and support for client's project team in Business Continuity Planning/Management (BCP/M), process design and system hardening

Q1/2006

Insurance company Switzerland
Application security audit (comprehensive technical, conceptual and organizational security audit of a multi-tier application, its components and the associated documentation from a technical, conceptual and organizational perspective, coaching the client's project team)

Q1/2006

National register of the federal administration Switzerland
DMZ penetration test including ethical hacking (testing firewall and all systems in the DMZ from the external perspective, digital penetration into the client's LAN using a test trojan)

Selected references for 2003-2005

If you're interested in OneConsult and you'd like a no-obligation consultation, or more information, please contact us.


Further information

  © 2008 OneConsult GmbH
All rights reserved.
     
Contact Terms Sitemap Deutsche Version Home