We are hiring

(f/m, 100%): Your exciting new job at Oneconsult? If you are a native German speaker, we are looking for you to strengthen our top-flight cyber security team.

Job descriptions

OWASP IoT Top 10 – Part 1

by Jakob Kunzmann

This is the first of two articles presenting the OWASP Top 10 on the Internet of Things, a list of the top ten security risks in IoT, published by the Open Web Application Security Project (OWASP). In this article, the technical aspects of IoT risks are described and, if possible, prominent cases in which they have been exploited are highlighted. If applicable examples exist, the focus will be on malware or attacks for industrial IoT applications. [read the German article]

Pivoting Through a Web Application to the Internal Domain

by Severin Wischmann & Markus Schalch

Penetration testing projects are all about the defined scope and objective, i.e. which systems, entry points, personal or company sites may be attacked, and what specific scenarios should be tested for. These two properties are usually defined at the beginning of the project with the client, which requires a trade-off to be made between completeness and feasibility from a temporal point of view.