Oneconsult AG is a renowned, owner-managed, Swiss cyber security consulting company with 30+ highly qualified employees, offices in Switzerland and Germany, a customer base of 300+ organizations and 1200+ completed security projects worldwide. We are your trustworthy partner for a holistic cyber security approach against external and internal threats such as APT, hacker attacks, malware infection, digital fraud and data leakage. Our core services are penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics (incl. 24/7). To protect your organization and mitigate specific information security risks, Oneconsult also offers practical security consulting, security training and virtual security officer services. We have dedicated IT security researchers and a large team of certified penetration testers (OPST, OSCP, etc.), digital forensics experts (GCFA, GCFE, GREM) and ISO security auditors (ISO 27001 Lead Auditor).
In this talk in German also held at the Digicomp Hacking Day 2017, Yves Kraft (Branch Manager Bern, Senior Penetration Tester & Security Consultant at Oneconsult AG) illustrates how radio signals of everyday objects are analyzed. [more]
At Hacking Day 2017, Oneconsult employees Fabian Gonzalez und Yves Kraft will present three interesting, hands-on topics: “Auswirkungen von physischen Angriffen – DirectMemory-Attacken”, “Switzerland’s next Bug Bounty Hacker «Hands-On»” and “Das Grundrauschen in unserer Umgebung – Reverse Engineering von Funksignalen mit Software Defined Radio”.
Exciting Oneconsult article in German, which illustrates, how VoIP phone calls can be intercepted with simple tools and what can be done against such activities.
Exciting article in German with quotes of Jan Alsenz (CRO Oneconsult) and other security specialists of PwC and IBM.
by Marco Wohler
There are different strategies and means to protect a server or client against attacks from inside or outside. This article in German deals with file and folder rights, since these are often neglected. [more]
by Jan Alsenz & Rafael Scheel
This article in German demonstrates how a design security flaw discovered by Oneconsult can be abused in the Microsoft UAC mechanism to allow any scripts and programs to fake a supposedly genuine Microsoft signature.
Application penetration test projects of banking solutions, online shops, mobile apps, ICS (SCADA/DCS), IoT devices, ERP and CRM solutions, CMS, VoIP systems, etc.
Security audits, e.g. according to ISO 27001, ISO 27002, industry specific guidelines (ISO 27015, 27019, 27799, etc.) or SANS Critical Security Controls
Our approach is customized to meet our clients’ specific needs as well as based on «best practice». In addition to our own methods, we also rely on industry-proven standards.
Subsidiary of Oneconsult AG
Tel +49 89 452 35 25 25
Fax +49 89 452 35 21 10