Project execution still guaranteed despite COVID-19
Dear customers and interested parties,
Despite the current developments regarding COVID-19, Oneconsult is able to carry out all projects without any loss of quality and without delays. We have already taken the technical and organizational measures years ago to guarantee you the usual high service quality even in this exceptional situation.
Oneconsult adheres to the specifications of the governments of Switzerland and Germany. As in most companies with the corresponding possibilities, the majority of our employees have been working from their home office since the beginning of March. Video and telephone conferences take place via our own or your preferred system. If desired, we can also continue to conduct on-site tests. As always, the data is stored encrypted.
Our digital forensics & incident response team is also on duty for you in this situation around the clock. Thus you continue to receive the usual Oneconsult service.
Note: Unfortunately cyber criminals are currently trying to take advantage of the uncertainty of the population and the not fully occupied offices. Our OCINT-CSIRT has been detecting corresponding activities for days (e.g. fake apps and websites as well as spear-phishing activities). Be vigilant, especially if you make significant changes to your IT due to the current situation (e.g. installation of video conferencing systems or remote access solutions).
We will be happy to answer your questions at: firstname.lastname@example.org or +41 43 377 22 22
Christoph Baumgartner (CEO), Tobias Ellenberger (COO), Tobias Castagna (CTO) and Jan Alsenz (CRO)
Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 2000+ completed security projects worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 40+ highly qualified cyber security experts, including certified ethical hackers / penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM, GNFA), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager, ISO 27035 Incident Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like penetration tests / ethical hacking, real-life APT tests and ISO 27001 security audits. In case of emergency, Oneconsult’s Digital Forensics & Incident Response (DFIR) team supports you with around-the-clock expert assistance (24 h x 365 days).
On the virtual Hacking Day, Branch Manager and Senior Penetration Tester Yves Kraft will introduce you to the MITRE ATT&CK Framework.
Under the title «Angriff und Verteidigung heute – Live Hacking inspiriert vom MITRE ATT&CK Framework» (Tech Track from 11:45 to 12:30) a ransomware attack with Ryuk is analyzed using the MITRE ATT&CK Framework.
Further information and registration: https://www.digicomp.ch/events/it-professionals-events/tagesevent-virtueller-hacking-day-2020
Talk with Live Hacking
When & Where:
4.12.2019, Zühlke – PostParc Hochhaus
Bogenschützenstrasse 9A, 3008 Bern
free of charge
E-Mail to email@example.com
Even if fundamental security risks such as cross-site scripting (XSS) or SQL injections are mitigated during application development, web applications and interfaces are susceptible to vulnerabilities.
In Java aktuell 01/2020, Senior Penetration Tester & Security Consultant Frank Ully writes about lesser known types of vulnerabilties in web applications and APIs (PDF; in German).
Unfortunately, security incidents cannot always be avoided. To make sure you don’t get caught in the cold, this article published in the German magazine
by Sandro Affentranger
This is the second article on passwords. Recommendations for strong passwords have hardly changed over the years. Only recently it has become clear that the recommendations made so far have created certain patterns that can be exploited by attackers – this has led to a paradigm shift in password policies. This article presents the results of a Password Quality Audit carried out by Oneconsult at an international industrial company. [read the German article]
by Jakob Kunzmann
This article deals with the OWASP Top 10 on the Internet of Things, a list of the top ten security risks in the IoT area, published by the Open Web Application Security Project (OWASP).
Read the full german article here: https://www.oneconsult.com/de/owasp-iot-top-10-teil-2/.
Our customers value our expertise and vast project experience of over
Application penetration test projects of banking solutions, online shops, mobile apps, ICS (SCADA/DCS), IoT devices, ERP and CRM solutions, CMS, VoIP systems, etc.
Security audits, e.g. according to ISO 27001, ISO 27002, industry specific guidelines (ISO 27015, 27019, 27799, etc.) or SANS Critical Security Controls
Methods and Standards
Our approach is customized to meet our clients’ specific needs as well as based on «best practice». In addition to our own methods, we also rely on industry-proven standards.
Oneconsult International AG
+41 43 377 22 22
Oneconsult Deutschland GmbH
+49 89 248820 600