Below you can find some selected examples of our project references.
Some technical security details may have been altered to protect confidentiality and to adhere NDAs.
Forensic & Incident Response
Forensic Analyses of a Creditcard Data Theft
Digital Forensics
PCI DSS
CreditCard Data
Performing forensic analyses require a deep technical understanding and experience.
A good example of that is a forensic analysis we performed regarding a potential credit card data theft.
Details
Incident Response DDoS-Angriff
Incident Response
DDoS
Mitigation
Having the experience in designing and setting up high available and secure infrastructure networks, we came across multiple DDoS issues we successfully resolved.
Details
IT Security
Designing Juniper IPsec Tunnels
Juniper SRX
IPSec
Building IPSec tunnels networks is a day-to-day project we have in security related environments.
Details
Juniper MX/SRX/EX High Availability Infrastructure
Juniper MX
Juniper SRX
Juniper EX
Virtual Chassis
Designing and operating high available and secure IT infrastructure based on Juniper technology is not only a task we do for our own binsec academy training environments.
We also advise customer in how to do that.
Details
ModSecurity WAF using a Whitelist Approach
ModSecurity
WAF
Web Application Firewall
Web Application Firewalls usually detect and prevent attacks like SQL injection, but they may suffer under False Positives.
We designed and implemented a specific whitelist approach to solve that.
Details
Salt Automation Infrastructure Management
salt
automation
infrastructure
python3
Automation of configuration changes is a must have when you are managing multiple servers.
We use salt to manage a Linux server’s configuration for various reasons.
Details
Penetration Testing
Testing of external IT infrastructures with large IP networks
Penetration Testing
external IT infrastructures
We regularly receive customer inquiries who would like to have their publicly accessible IT checked for vulnerabilities.
In the case of very large IP networks, this can get difficult in terms of time.
Details
Security Analysis for an international Travel Booking Portal
Penetration Testing
Travel
Booking
During the pentest of a booking portal for an international travel agency, we had to pay particular attention to the relevant limitations during the test.
Details
Penetration Test for Online Sports Betting Provider
Penetration Testing
Sports Betting
Licensed online sports betting providers are subject to special regulatory requirements that may also affect a penetration test.
Details
Penetration Testing Payment APIs
Penetration Testing
Payment API
Pentesting payment APIs is a typically assignment, we did countless times.
Even if the basis is checking against OWASP Top 10, we still take a look on more logical security topics, too.
Details