Christian, apart from your project operations, your team of analysts looks into potential security vulnerabilities. Why do you do that?
We can only protect businesses against hackers and criminals effectively if we always keep our skills and knowledge up to date. That’s why security research is just as important for our work as building up a security community to promote the exchange of knowledge.
Does that mean that you share your findings with other security researchers?
Yes, definitely. More security can only be achieved if lots of people take on the task together. We also help security analysts at other companies to identify vulnerabilities and remediate security risks – always in line with our responsible disclosure policies, of course.
What role does the usd HeroLab play in that context?
The usd HeroLab and our usd Akademie are essential parts of our security mission. We use the HeroLab as a training platform ourselves, but we also make it available to companies, research institutes and universities. We run training courses and publish papers to share the knowledge we gain in our practical work and through our research.
What kinds of publications can we expect from you?
The usd HeroLab is going to publish a series of papers on new security vulnerabilities and current security issues. The first paper has already been published. Ralf Almon, one of our senior security consultants and a forensics specialist, has shared his insights into a very interesting issue:
“How a Vulnerable Picture Upload Can Be Exploited Using Manipulated Picture Files”
After Drafts, Amendments, and Hearings, the NIS2UmsuCG Will Officially Enter Into Force in Germany on 06.12.2025
The NIS-2 Directive became binding in the EU at the beginning of 2023 in order to ensure a consistently high level of protection for critical and important services in all member states. The first step for the states was to implement the directive into national law....
