Penetration Test
Penetration Test
Application penetration test, code review, reverse engineering, ethical hacking and APT test against cyber threats
Proactively protect your web shop, internet banking platform, mobile app, ICS (SCADA / DCS), IoT device or IT infrastructure via penetration test, code review, reverse engineering or APT test by our certified penetration testers and security researchers.
ISO 27001 Security Audit
ISO 27001 Security Audit
ISO-compliant assessment of your information security landscape
Analyze and benchmark your information security level based on international standards (ISO 27001, ISO 27002, SANS 20, IEC 62443, NERC CIP, etc.) to plan your IT budget for security mitigation measures.
Incident Response & IT Forensics
Incident Response & IT Forensics
Fast, professional reaction to cyber attacks and unwanted digital activities plus court-proof investigation
Respond appropriately and effectively to malware infection, hacker attack, fraud, data theft and other criminal or unwanted digital activities with the support of our certified IT security and forensics experts.

Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 1600+ completed security projects worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 40+ highly qualified cyber security experts, including certified ethical hackers / penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager, ISO 27035 Incident Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like penetration tests / ethical hacking, real-life APT tests and ISO 27001 security audits. In case of emergency, Oneconsult’s incident response & IT forensics team supports you with around-the-clock expert assistance (24 h x 365 days).

Events

04.07.2019 / Java-Forum in Stuttgart

Presentation: “Beyond OWASP Top 10 – Über welche Schwachstellen werden Webanwendungen angegriffen, wenn die wesentlichen Grundlagen der OWASP Top 10 abgesichert sind? Fälle aus der Praxis”. Speaker is Senior Penetration Tester & Security Consultant Frank Ully.

01.07.2019 / (IoT) Safety & Security - Challenges in the Embedded Market in München

Presentation: “How (not) to trust your devices” by Senior Penetration Tester, IT-Forensiker & Security Researcher Rafael Scheel.

News & Advisories

New Netwrix Webinar "Im Schatten des Domain Controllers - DCSync & DCShadow" online

by Yves Kraft

The webinar explains and simulates two popular attacks on domain controllers in Windows environments. Link to Webinar: https://www.netwrix.com/dcshadow

Oneconsult is a member of FIRST

FIRST is a global network of incident response and security teams dedicated to promoting collaboration and coordination in this area and actively sharing information among members to respond more effectively to security incidents. FIRST has more than 400 members worldwide.
Further information about FIRST can be found here: https://www.first.org/
You will find information about our services in this area under the following link: https://www.oneconsult.com/de/incident-response-it-forensics/

Pen Tester's Diary

Malware analysis – Basics

by Severin Wischmann

This is the first installment in a multi-part series about malware and how to analyze it. The article discusses the basics of malware. In further articles of this series, different facets of the analysis will be examined in detail. [read the German article]

New version of OWASP Application Security Verification Standard (ASVS) available

by Alex Wettstein

The Open Web Application Security Projekt – better known as OWASP, is a manufacturer independent non-profit-Organization with the aim of making (web) applications more secure.

One of their flagship projects is the «Application Security Verification Standard», better known as ASVS. Version 4 of ASVS was released today. This article explains the ASVS and how it can support you as the person responsible for IT Security in your daily duties within your enterprise. [read the German article]

Our customers value our expertise and vast project experience of over

0

Penetration test projects, over 850 of which OSSTMM-compliant

0

Application penetration test projects of banking solutions, online shops, mobile apps, ICS (SCADA/DCS), IoT devices, ERP and CRM solutions, CMS, VoIP systems, etc.

0

Security auditse.g. according to ISO 27001, ISO 27002, industry specific guidelines (ISO 27015, 27019, 27799, etc.) or SANS Critical Security Controls

Methods and Standards

Our approach is customized to meet our clients’ specific needs as well as based on «best practice». In addition to our own methods, we also rely on industry-proven standards.

Holding

Oneconsult International AG
Schuetzenstrasse 1
8800 Thalwil
Switzerland

Tel +41 43 377 22 66
Fax +41 43 377 22 77
info@oneconsult.com

Switzerland

Headquarters
Oneconsult AG
Schuetzenstrasse 1
8800 Thalwil
Switzerland

Tel +41 43 377 22 22
Fax +41 43 377 22 77
info@oneconsult.com

Oneconsult AG
Baerenplatz 7
3011 Bern
Switzerland

Tel +41 31 327 15 15
Fax +41 31 327 15 25
info@oneconsult.com

Germany

Oneconsult Deutschland GmbH
Agnes-Pockels-Bogen 1
80992 Munich
Germany

Tel +49 89 248820 600
Fax +49 89 248820 677
info@oneconsult.com