Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 1500+ completed security projects worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 30+ highly qualified cyber security experts, including certified penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like penetration tests / ethical hacking, real-life APT tests and ISO 27001 security audits. In case of emergency, Oneconsult’s incident response & IT forensics team supports you with around-the-clock expert assistance (24 h x 365 days).
The Open Source Security Testing Methodology Manual (OSSTMM) is ideal for planning, carrying out and documenting technical security audits. Yves Kraft, an experienced OSSTMM trainer, will focus on the measurability and comparability of OSSTMM-compliant audits in his presentation.
Further information and registration (presentation will be in German):
Frank Ully (Penetration Tester & Security Consultant, Oneconsult Deutschland GmbH) explains in his exciting presentation in German the basics of Blockchain, names application areas and highlights the security aspects.
Further information and registration: https://www.security-management.de/security-forum-anmeldung/
OSSTMM – or in words – Open Source Security Testing Methodology Manual
Your advantages when using a de-facto standard for IT security assessments: OSSTMM trainer Yves Kraft’s (Oneconsult Bern) presentation on this topic
Oneconsult is a cyber security consulting company. In the last months questions have repeatedly been asked in meetings and telephone conversations about the consequences of the General Data Protection Regulation (GDPR), which applies on May 25, 2018. Is this a report like many others that deal with fear?
No. If you read on here, you’ll find just some questions of our interlocutors and matching answers, that the Oneconsult team can provide at the moment (as of March 2018). [read the German article]
In the course of their audit engagements Oneconsult penetration testers are increasingly finding identical passwords used for local administrative users on backend systems and even more often on workstations. Although these passwords are stored as a NTLM hash, an attacker still has ample opportunities to misuse this situation for lateral movement inside a company’s IT infrastructure. This article covers attacks and mitigation opportunities. [read the German article]
by Immanuel Willi
Many IT security trade media and blogs focus on popular attack vectors such as phishing or the “OWASP Top 10”. Physical attacks that require direct access to a device are given less attention. Accordingly, many users think they are secure when the notebook hard disk is encrypted and the Windows desktop is locked. But they are wrong! [read the German article]
Our customers value our expertise and vast project experience of over
Application penetration test projects of banking solutions, online shops, mobile apps, ICS (SCADA/DCS), IoT devices, ERP and CRM solutions, CMS, VoIP systems, etc.
Security audits, e.g. according to ISO 27001, ISO 27002, industry specific guidelines (ISO 27015, 27019, 27799, etc.) or SANS Critical Security Controls
Methods and Standards
Our approach is customized to meet our clients’ specific needs as well as based on «best practice». In addition to our own methods, we also rely on industry-proven standards.
Oneconsult International AG
Tel +41 43 377 22 66
Fax +41 43 377 22 77
Oneconsult Deutschland GmbH
Tel +49 89 248820 600
Fax +49 89 248820 677