References

Physical inspection of the premises and assessment of structural measures with regard to physical security

Creation of a self assessment questionnaire for cloud providers on the basis of ISO 27002 and 27017. Support of the self assessments according to the created questionnaire as well as CAIQ

Penetration test of a web application that enables investment advice based on defined goals

IAM audit focusing on processes and controls in the Windows AD environment. Analysis of the security level on the basis of ISO 27002, verification by means of an interview and document review; bespoke suggestions for improvements on information security incl. risk-based and prioritized measures

Audit of a component of a mobile app with regard to possible vulnerability and information disclosure

Definition of controls and creation of policies in order to address audit findings (e.g. patch management policy, penetration testing policy, third party/cloud assessment procedures and IT desaster recovery)

Audit of a corporate WLAN infrastructure

Review of a configuration of web browser policies

Web application penetration test of an online tool to create quotes for insurance packages

Web application penetration test and partial code review of a newly developed internal web application

Application Penetration Test of two API interfaces for a mobile application, which handles sensitive personal information

Web application penetration test of a dataprocessing system

Security audit of the authentication within an app for Android and iOS

Securit audit of a file transfer application

Consulting regarding cloud-web-application-firewall authentication

Password quality assessment by extensive password cracking of user and service accounts in Active Directory

Penetration test of the online banking portal

Penetration test of an internal IdM environment

Comprehensive audit of mobile applications and their according APIs

Security audit of an admin portal for internal employees and external APIs for use by third-parties