Our focus. more security.
Security Audits
NIS-2. KRITIS. Supply Chain. Cloud. Due Diligence.
PCI & Payment Security
DSS. SSF. P2PE. 3DS. PIN. SWIFT. Consulting. Assessments. Certifications. ASV Scans.
Pentests & Red Teaming
Systems. Applications. Mainframes. SAP. Cloud. AD. Red Team Assessments.
Security Analyses
Security Scans. Code Review. Incident Response. Forensik. Vulnerability Management.
Security Consulting: ISMS / ISO 27001
Strategy. Consulting. Implementation. Audit Readiness.
Security Consulting: InfoSec in Finance
DORA. Regulatory Requirements. Strategy. Consulting. Implementation.
~200
Employees
1994
Founding year
3
Locations
(Neu-Isenburg, Cologne, Munich)
> 900
Customers worldwide
News
Security Advisories on OrangeHRM und memos
The pentest professionals at usd HeroLab identified multiple vulnerabilities in the applications OrangeHRM and memos during web application pentests. The vulnerabilities were reported to the vendors as part of the Responsible Disclosure Policy. Detailed information on...
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated accordingly and now covers the current requirements. The Digital Operational Resilience Act (DORA) came into force on...
After Drafts, Amendments, and Hearings, the NIS2UmsuCG Will Officially Enter Into Force in Germany on 06.12.2025
The NIS-2 Directive became binding in the EU at the beginning of 2023 in order to ensure a consistently high level of protection for critical and important services in all member states. The first step for the states was to implement the directive into national law....
Our certifications and accreditations
