de Deutsch en English
binsec GmbH

Projects

Below you can find some selected examples of our project references. Some technical security details may have been altered to protect confidentiality and to adhere NDAs.

Forensic & Incident Response

Forensic Analyses of a Creditcard Data Theft

  • Digital Forensics
  • PCI DSS
  • CreditCard Data
Performing forensic analyses require a deep technical understanding and experience. A good example of that is a forensic analysis we performed regarding a potential credit card data theft. Details

Incident Response DDoS-Angriff

  • Incident Response
  • DDoS
  • Mitigation
Having the experience in designing and setting up high available and secure infrastructure networks, we came across multiple DDoS issues we successfully resolved. Details
IT Security

Designing Juniper IPsec Tunnels

  • Juniper SRX
  • IPSec
Building IPSec tunnels networks is a day-to-day project we have in security related environments. Details

Juniper MX/SRX/EX High Availability Infrastructure

  • Juniper MX
  • Juniper SRX
  • Juniper EX
  • Virtual Chassis
Designing and operating high available and secure IT infrastructure based on Juniper technology is not only a task we do for our own binsec academy training environments. We also advise customer in how to do that. Details

ModSecurity WAF using a Whitelist Approach

  • ModSecurity
  • WAF
  • Web Application Firewall
Web Application Firewalls usually detect and prevent attacks like SQL injection, but they may suffer under False Positives. We designed and implemented a specific whitelist approach to solve that. Details

Salt Automation Infrastructure Management

  • salt
  • automation
  • infrastructure
  • python3
Automation of configuration changes is a must have when you are managing multiple servers. We use salt to manage a Linux server’s configuration for various reasons. Details
Penetration Testing

Testing of external IT infrastructures with large IP networks

  • Penetration Testing
  • external IT infrastructures
We regularly receive customer inquiries who would like to have their publicly accessible IT checked for vulnerabilities. In the case of very large IP networks, this can get difficult in terms of time. Details

Security Analysis for an international Travel Booking Portal

  • Penetration Testing
  • Travel
  • Booking
During the pentest of a booking portal for an international travel agency, we had to pay particular attention to the relevant limitations during the test. Details

Penetration Test for Online Sports Betting Provider

  • Penetration Testing
  • Sports Betting
Licensed online sports betting providers are subject to special regulatory requirements that may also affect a penetration test. Details

Penetration Testing Payment APIs

  • Penetration Testing
  • Payment API
Pentesting payment APIs is a typically assignment, we did countless times. Even if the basis is checking against OWASP Top 10, we still take a look on more logical security topics, too. Details