Below you can find some selected examples of our project references.
Some technical security details may have been altered to protect confidentiality and to adhere NDAs.
Forensic & Incident Response
Forensic Analyses of a Creditcard Data Theft
Performing forensic analyses require a deep technical understanding and experience.
A good example of that is a forensic analysis we performed regarding a potential credit card data theft.
Incident Response DDoS-Angriff
Having the experience in designing and setting up high available and secure infrastructure networks, we came across multiple DDoS issues we successfully resolved.
Designing Juniper IPsec Tunnels
Building IPSec tunnels networks is a day-to-day project we have in security related environments.
Juniper MX/SRX/EX High Availability Infrastructure
Designing and operating high available and secure IT infrastructure based on Juniper technology is not only a task we do for our own binsec academy training environments.
We also advise customer in how to do that.
ModSecurity WAF using a Whitelist Approach
Web Application Firewall
Web Application Firewalls usually detect and prevent attacks like SQL injection, but they may suffer under False Positives.
We designed and implemented a specific whitelist approach to solve that.
Salt Automation Infrastructure Management
Automation of configuration changes is a must have when you are managing multiple servers.
We use salt to manage a Linux server’s configuration for various reasons.
Testing of external IT infrastructures with large IP networks
external IT infrastructures
We regularly receive customer inquiries who would like to have their publicly accessible IT checked for vulnerabilities.
In the case of very large IP networks, this can get difficult in terms of time.
Security Analysis for an international Travel Booking Portal
During the pentest of a booking portal for an international travel agency, we had to pay particular attention to the relevant limitations during the test.
Penetration Test for Online Sports Betting Provider
Licensed online sports betting providers are subject to special regulatory requirements that may also affect a penetration test.
Penetration Testing Payment APIs
Pentesting payment APIs is a typically assignment, we did countless times.
Even if the basis is checking against OWASP Top 10, we still take a look on more logical security topics, too.