We protect companies
against hackers and criminals.
What we do
We protect companies against hackers and criminals. Our work is as dynamic and diverse as the threat itself. As an accredited assessor, we advise and certify companies worldwide according to the specifications of the credit card industry and other international IT security standards. The experts at usd HeroLab identify vulnerabilities in IT systems and applications. Our security consultants advise companies holistically on questions of information security, risk management, and IT compliance. The Cyber Security Transformation Academy (CST Academy) promotes exchange and knowledge transfer within the community. more security is our mission.
What does usd stand for?
When usd was founded in 1994, the three-letter code stood for management consulting, security and services and described our then broad portfolio of services. Over the years, usd has developed and refined its portfolio. Today, the three-letter code stands for our mission and our values:
Unabhängigkeit (independence)
We’re a community of experts. We’re independent from products, haven’t taken out any loans, aren’t dominated by a client, we’re inventing ourselves. “U” is for “Unabhängigkeit”.
Sicherheit (security)
The center of our name and the center of what we do. We protect companies against hackers and criminals. “S” is for “Sicherheit” (Security).
Demut (humility)
No one is all-knowing, there is no absolute security. We are aware of our responsibility and we know that our task is complex. That’s why we share our knowledge, cooperate with the best and dedicate each day to “more security”. “D” is for “Demut” (Humility).
Our commitment
In order to protect businesses against hackers and criminals, we must ensure that our skills and knowledge are up to date at all times. Therefore, security research is just as important to our work as is building up a security community to promote an exchange of knowledge. After all, more security can only be achieved if many people take on the task.
Live Hacking
Seminars & Training
Webinars
Cyber Security Forums
Seminars & Trainings
Webinars
Cyber Security Forums
Our Management
Manfred Tubach
Chairman of Executive Board
Andreas Duchmann
Member of Executive Board
Matthias Göhring
Member of Executive Board
Christopher Kristes
Member of Executive Board
Andrea Tubach
Member of Executive Board
Daniel Heyne
Authorized Signatory
Jan Kemper
Authorized Signatory
Anna-Magdalena Kohl
Authorized Signatory
Stephan Neumann
Authorized Signatory
Andrea Rupprich
Authorized Signatory
Torsten Schlotmann
Authorized Signatory
Felix Schmidt
Authorized Signatory
Dr. Christian Schwartz
Authorized Signatory
Download our Company Brochure
Our references
Customer Stories
When Pentest Planning Becomes a Game of Tetris - A Look behind the Scenes of an Extensive Pentest Project with HanseMerkur
In a world where security and efficiency must go hand in hand, our recent project with HanseMerkur Krankenversicherung AG shows how crucial good organization and clear communication are to the success of a pentest project. Despite a tight timeframe and the challenge...
Information Security in the Financial Sector: How Frankfurter Sparkasse is Tackling the Mammoth Task
The digital transformation in the financial sector has created new areas of attack for cyber criminals and therefore significant risks for companies. The result: ever-increasing internal and external demands on the information security of financial institutions and...
Information Security in a Multinational Corporate Environment: VertiGIS Establishes Centrally Managed ISMS and Achieves ISO 27001 Certification
Especially in fast-growing industries, companies are faced with the challenge of adapting their information security to the constantly growing risks. The implementation of ISO 27001 measures is an effective tool for reducing risks from cyber attacks, data breaches and...
Cloud Provider plusserver Certified According to PCI DSS v4.0
At the beginning of 2024, the leading German cloud provider plusserver was certified by usd AG according to the globally mandatory PCI DSS v4.0 credit card security standard. With its cloud platforms, plusserver provides its customers with a data-sovereign and...
Security Assessment at All Levels: Pentest and Cloud Security Audit at Deutsche Fiskal
The need for a pentest is often driven by compliance requirements. However, in many cases, a pentest alone is not enough to make a reliable statement about the security level in the company. Especially when applications are hosted in the cloud, additional attack...
More Security for Highly Specialized Solution: Solaris SE Certified According to PCI DSS
Solaris SE, technology company with a full German banking license, successfully completed the PCI DSS certification project with usd AG in June 2023. Solaris SE thus offers its customers a demonstrably more secure environment for credit card data. As an issuing bank,...
“The Journey to Harmonisation of Global PCI Assessments”: Joint Contribution of Worldline and usd to the PCI SSC Community Meeting Europe
PCI DSS applies to all companies that store, process or transmit payment card data. However, large and global organizations in particular face PCI DSS challenges related to their size, structure, geographic distribution, and business operations. Resulting network...
BoostAeroSpace Partners with usd for AirCyber Maturity Assessments
In today’s business world, organizations rely on a broad network of partners and service providers to efficiently render their services. While in many cases suppliers make critical contributions to the success of an organization, they can also pose a significant...
Eurowings GmbH Achieves ISO/IEC 27001:2013 and PCI DSS Certifications with Support from usd AG
As for many companies in the aviation industry, the summer of 2022 was marked by extreme challenges for Eurowings GmbH: the pandemic, the tense situation at many airports, and the war in Ukraine, to name just the biggest. Eurowings has recognized that it is all the...
More Security in Healthcare: POLAVIS GmbH Submits Web Application for Pentest by usd AG
POLAVIS develops and implements digital patient portals and innovative eHealth solutions for hospitals. This supports the networking of healthcare stakeholders and the consistent integration of the patient. The Hospital Future Act (Krankenhauszukunftsgesetz, KHZG)...