Security consulting
Security training
Security Officer Services
Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 1500+ completed security projects worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 30+ highly qualified cyber security experts, including certified penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like penetration tests / ethical hacking, real-life APT tests and ISO 27001 security audits. In case of emergency, Oneconsult’s incident response & IT forensics team supports you with around-the-clock expert assistance (24 h x 365 days).
Events
08-Feb-18
06-Mar-2018: OSSTMM presentation at the ISSS Security Lunch in Zurich
The Open Source Security Testing Methodology Manual (OSSTMM) is ideal for planning, carrying out and documenting technical security audits. Yves Kraft, an experienced OSSTMM trainer, will focus on the measurability and comparability of OSSTMM-compliant audits in his presentation.
Further information and registration (presentation will be in German):
https://www.isss.ch/veranstaltungen/2018/security-lunch-2018-03-06/
13-Jan-18
18-01-2018: Security Forum Brandenburg: Blockchain – sicher? (Oneconsult speech)
Frank Ully (Penetration Tester & Security Consultant, Oneconsult Deutschland GmbH) explains in his exciting presentation in German the basics of Blockchain, names application areas and highlights the security aspects.
Further information and registration: https://www.security-management.de/security-forum-anmeldung/
News & Advisories
18-Apr-18
Advantages of the OSSTMM
OSSTMM – or in words – Open Source Security Testing Methodology Manual
Your advantages when using a de-facto standard for IT security assessments: OSSTMM trainer Yves Kraft’s (Oneconsult Bern) presentation on this topic
[more]
02-Mar-18
Practical questions and answers concerning the GDPR
Oneconsult is a cyber security consulting company. In the last months questions have repeatedly been asked in meetings and telephone conversations about the consequences of the General Data Protection Regulation (GDPR), which applies on May 25, 2018. Is this a report like many others that deal with fear?
No. If you read on here, you’ll find just some questions of our interlocutors and matching answers, that the Oneconsult team can provide at the moment (as of March 2018). [read the German article]
Pen Tester's Diary
11-Feb-18
Secure passwords for local administrators
In the course of their audit engagements Oneconsult penetration testers are increasingly finding identical passwords used for local administrative users on backend systems and even more often on workstations. Although these passwords are stored as a NTLM hash, an attacker still has ample opportunities to misuse this situation for lateral movement inside a company’s IT infrastructure. This article covers attacks and mitigation opportunities. [read the German article]
24-Jan-18
BadUSB - Gain access in less than 15 seconds
by Immanuel Willi
Many IT security trade media and blogs focus on popular attack vectors such as phishing or the “OWASP Top 10”. Physical attacks that require direct access to a device are given less attention. Accordingly, many users think they are secure when the notebook hard disk is encrypted and the Windows desktop is locked. But they are wrong! [read the German article]
Our customers value our expertise and vast project experience of over
Penetration test projects, over 850 of which OSSTMM-compliant
Application penetration test projects of banking solutions, online shops, mobile apps, ICS (SCADA/DCS), IoT devices, ERP and CRM solutions, CMS, VoIP systems, etc.
Security audits, e.g. according to ISO 27001, ISO 27002, industry specific guidelines (ISO 27015, 27019, 27799, etc.) or SANS Critical Security Controls
Incident response & IT forensics projects
Methods and Standards
Our approach is customized to meet our clients’ specific needs as well as based on «best practice». In addition to our own methods, we also rely on industry-proven standards.
Holding
Oneconsult International AG
Schuetzenstrasse 1
8800 Thalwil
Switzerland
Tel +41 43 377 22 66
Fax +41 43 377 22 77
info@oneconsult.com
Switzerland
Headquarters
Oneconsult AG
Schuetzenstrasse 1
8800 Thalwil
Switzerland
Tel +41 43 377 22 22
Fax +41 43 377 22 77
info@oneconsult.com
Oneconsult AG
Baerenplatz 7
3011 Bern
Switzerland
Tel +41 31 327 15 15
Fax +41 31 327 15 25
info@oneconsult.com
Germany
Oneconsult Deutschland GmbH
Agnes-Pockels-Bogen 1
80992 Munich
Germany
Tel +49 89 248820 600
Fax +49 89 248820 677
info@oneconsult.com
