TLPT: Ensure Readiness. Start Preparing Now.

Are you expecting a request for Threat-Led Penetration Testing from your supervisory authority? We will accompany you.

NIS-2 Implementation Act Now In Force

The new requirements apply from 06.12.25 - without a transition period.

AI with Security in Mind. Right from the Start.

AI is changing processes. We accompany you from initial choice to operation – ensuring that security and compliance are considered right from the start.

Learn more

DORA: Have You Implemented All Mandatory Requirements?

From harmonization to ICT third-party oversight: We are at your side.

Learn more

Identify the Vulnerabilities in Your IT Infrastructure

Protect your company proactively.

Learn more

Our focus. more security.

Security Audits

NIS-2. KRITIS. Supply Chain. Cloud. Due Diligence.

Learn more

PCI & Payment Security

DSS. SSF. P2PE. 3DS. PIN. SWIFT. Consulting. Assessments. Certifications. ASV Scans.

Learn more

Pentests & Red Teaming

Systems. Applications. Mainframes. SAP. Cloud. AD. Red Team Assessments.

Learn more

Security Analyses

Security Scans. Code Review. Incident Response. Forensik. Vulnerability Management.

Learn more

Security Consulting: ISMS / ISO 27001

Strategy. Consulting. Implementation. Audit Readiness.

Learn more

Security Consulting: InfoSec in Finance

DORA. Regulatory Requirements. Strategy. Consulting. Implementation.

Learn more

~200

Employees

1994

Founding year

3

Locations

(Neu-Isenburg, Cologne, Munich)

> 900

Customers worldwide

News

Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms

Jan 9, 2026 | AI, News, Pentests & Security Analyses, usd HeroLab

Artificial intelligence (AI) is transforming the business world. Large language model (LLM) platforms in particular are increasingly finding their way into companies across a wide range of industries. Many are choosing in-house hosted solutions to protect sensitive...

Security Advisories on OrangeHRM und memos

Dec 16, 2025 | News, Pentests & Security Analyses, Security Advisories, usd HeroLab

The pentest professionals at usd HeroLab identified multiple vulnerabilities in the applications OrangeHRM and memos during web application pentests. The vulnerabilities were reported to the vendors as part of the Responsible Disclosure Policy. Detailed information on...

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

Dec 11, 2025 | Financial Sector & Compliance, News, Pentests & Security Analyses

Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated accordingly and now covers the current requirements. The Digital Operational Resilience Act (DORA) came into force on...

Our certifications and accreditations

TLPT: Ensure Readiness. Start Preparing Now.

NIS-2 Implementation Act Now In Force

AI with Security in Mind. Right from the Start.

Ready for Part-IS Compliance?

DORA: Have You Implemented All Mandatory Requirements?

Identify the Vulnerabilities in Your IT Infrastructure

PCI DSS v4.0.1

Ready for ISO 27001?

Our focus. more security.

Security Audits

PCI & Payment Security

Pentests & Red Teaming

Security Analyses

Security Consulting: ISMS / ISO 27001

Security Consulting: InfoSec in Finance

Employees

Founding year

Locations

(Neu-Isenburg, Cologne, Munich)

Customers worldwide

News

Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms

Security Advisories on OrangeHRM und memos

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

Our certifications and accreditations

usd AG

News

Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms

Security Advisories on OrangeHRM und memos

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

Follow Us