Presentation: “Beyond OWASP Top 10 – Über welche Schwachstellen werden Webanwendungen angegriffen, wenn die wesentlichen Grundlagen der OWASP Top 10 abgesichert sind? Fälle aus der Praxis”. Speaker is Senior Penetration Tester & Security Consultant Frank Ully.

Presentation: “How (not) to trust your devices” by Senior Penetration Tester, IT-Forensiker & Security Researcher Rafael Scheel.

by Yves Kraft

The webinar explains and simulates two popular attacks on domain controllers in Windows environments. Link to Webinar: https://www.netwrix.com/dcshadow

FIRST is a global network of incident response and security teams dedicated to promoting collaboration and coordination in this area and actively sharing information among members to respond more effectively to security incidents. FIRST has more than 400 members worldwide.
Further information about FIRST can be found here: https://www.first.org/
You will find information about our services in this area under the following link: https://www.oneconsult.com/de/incident-response-it-forensics/

by Severin Wischmann

This is the first installment in a multi-part series about malware and how to analyze it. The article discusses the basics of malware. In further articles of this series, different facets of the analysis will be examined in detail. [read the German article]

by Alex Wettstein

The Open Web Application Security Projekt – better known as OWASP, is a manufacturer independent non-profit-Organization with the aim of making (web) applications more secure.

One of their flagship projects is the «Application Security Verification Standard», better known as ASVS. Version 4 of ASVS was released today. This article explains the ASVS and how it can support you as the person responsible for IT Security in your daily duties within your enterprise. [read the German article]