TLPT: Ensure Readiness. Start Preparing Now.

Are you expecting a request for Threat-Led Penetration Testing from your supervisory authority? We will accompany you.

NIS-2 Implementation Act Now In Force

The new requirements apply from 06.12.25 - without a transition period.

AI with Security in Mind. Right from the Start.

AI is changing processes. We accompany you from initial choice to operation – ensuring that security and compliance are considered right from the start.

Learn more

DORA: Have You Implemented All Mandatory Requirements?

From harmonization to ICT third-party oversight: We are at your side.

Learn more

Identify the Vulnerabilities in Your IT Infrastructure

Protect your company proactively.

Learn more

Our Focus. more security.

Security Audits

NIS-2. KRITIS. Supply Chain. Cloud. Due Diligence.

Learn more

PCI & Payment Security

DSS. SSF. P2PE. 3DS. PIN. SWIFT. Consulting. Assessments. Certifications. ASV Scans.

Learn more

Pentests & Red Teaming

Systems. Applications. Mainframes. SAP. Cloud. AD. Red Team Assessments.

Learn more

Security Analyses

Security Scans. Code Review. Incident Response. Forensik. Vulnerability Management.

Learn more

Security Consulting: ISMS / ISO 27001

Strategy. Consulting. Implementation. Audit Readiness.

Learn more

Security Consulting: InfoSec in Finance

DORA. Regulatory Requirements. Strategy. Consulting. Implementation.

Learn more

~200

Employees

1994

Founding year

3

Locations

(Neu-Isenburg, Cologne, Munich)

> 900

Customers worldwide

Our Clients

Our Certifications and Accreditations

Our Commitment to the Community

News

Effectively Implementing Third-Party Risk Management under DORA

Mar 25, 2026 | Financial Sector & Compliance, News

The Digital Operational Resilience Act (DORA) is now a reality for financial institutions and their service providers. In 2026, the focus will shift to the practical implementation of third-party risk management at financial institutions, as BaFin will conduct its...

Deep Dive Into Red Teaming: Physical Pentesting. How Resilient Is Your Organization?

Mar 19, 2026 | News, Pentests & Security Analyses, usd HeroLab

As a security manager, you protect your systems and processes every day and invest in awareness training. However, experience shows that physical attacks are an often underestimated attack vector. Attackers combine digital and physical methods. This is where Red...

Security Advisories on Kofax Communication Server and ArcGIS Arcade

Mar 17, 2026 | News, Pentests & Security Analyses, Security Advisories, usd HeroLab

The pentest professionals at usd HeroLab examined Kofax Communication Server (KCS) and ArcGIS scripting language Arcade as part of web application pentests and identified several vulnerabilities. Two of the vulnerabilities result from...

TLPT: Ensure Readiness. Start Preparing Now.

NIS-2 Implementation Act Now In Force

AI with Security in Mind. Right from the Start.

Ready for Part-IS Compliance?

DORA: Have You Implemented All Mandatory Requirements?

Identify the Vulnerabilities in Your IT Infrastructure

PCI DSS v4.0.1

Ready for ISO 27001?

Our Focus. more security.

Security Audits

PCI & Payment Security

Pentests & Red Teaming

Security Analyses

Security Consulting: ISMS / ISO 27001

Security Consulting: InfoSec in Finance

Employees

Founding year

Locations

(Neu-Isenburg, Cologne, Munich)

Customers worldwide

Our Clients

Our Certifications and Accreditations

Our Commitment to the Community

News

Effectively Implementing Third-Party Risk Management under DORA

Deep Dive Into Red Teaming: Physical Pentesting. How Resilient Is Your Organization?

Security Advisories on Kofax Communication Server and ArcGIS Arcade

usd AG

News

Effectively Implementing Third-Party Risk Management under DORA

Deep Dive Into Red Teaming: Physical Pentesting. How Resilient Is Your Organization?

Security Advisories on Kofax Communication Server and ArcGIS Arcade

Follow Us