We protect companies
against hackers and criminals.
What we do
We protect companies against hackers and criminals. Our work is as dynamic and diverse as the threat itself. As an accredited assessor, we advise and certify companies worldwide according to the specifications of the credit card industry and other international IT security standards. The experts at usd HeroLab identify vulnerabilities in IT systems and applications. Our security consultants advise companies holistically on questions of information security, risk management, and IT compliance. The Cyber Security Transformation Academy (CST Academy) promotes exchange and knowledge transfer within the community. more security is our mission.
What does usd stand for?
When usd was founded in 1994, the three-letter code stood for management consulting, security and services and described our then broad portfolio of services. Over the years, usd has developed and refined its portfolio. Today, the three-letter code stands for our mission and our values:
Unabhängigkeit (independence)
We’re a community of experts. We’re independent from products, haven’t taken out any loans, aren’t dominated by a client, we’re inventing ourselves. “U” is for “Unabhängigkeit”.
Sicherheit (security)
The center of our name and the center of what we do. We protect companies against hackers and criminals. “S” is for “Sicherheit” (Security).
Demut (humility)
No one is all-knowing, there is no absolute security. We are aware of our responsibility and we know that our task is complex. That’s why we share our knowledge, cooperate with the best and dedicate each day to “more security”. “D” is for “Demut” (Humility).
Our commitment
In order to protect businesses against hackers and criminals, we must ensure that our skills and knowledge are up to date at all times. Therefore, security research is just as important to our work as is building up a security community to promote an exchange of knowledge. After all, more security can only be achieved if many people take on the task.
Building competence. Sharing knowledge. Acting together.
Live Hacking
Seminars & Training
Webinars
Cyber Security Forums
Seminars & Trainings
Webinars
Cyber Security Forums
Partner to Leading Institutes
- CAST
-
ATHENE
- Allianz für Cybersicherheit
Security Research
- Responsible Disclosure
- Security Advisories
- Articles & Publications
- BioMobile II
- KMU AWARE
Committed to Teaching
Our Management
Andrea Tubach
Chair of Executive Board
Andreas Duchmann
Member of Executive Board
Matthias Göhring
Member of Executive Board
Christopher Kristes
Member of Executive Board
Daniel Heyne
Authorized Signatory
Jan Kemper
Authorized Signatory
Anna-Magdalena Kohl
Authorized Signatory
Stephan Neumann
Authorized Signatory
Andrea Rupprich
Authorized Signatory
Torsten Schlotmann
Authorized Signatory
Felix Schmidt
Authorized Signatory
Dr. Christian Schwartz
Authorized Signatory
Download our Company Brochure
Our references
Customer Stories
Joint Success: Partners Support German Automotive Manufacturer along the Journey to PCI Compliance
Regardless of the business sector, customers value flexibility when it comes to processing payments for services and products. A leading German automotive manufacturer was therefore faced with the challenge of implementing a secure and efficient solution for...
BoostAeroSpace and usd AG: A Partnership for More Security in the Aerospace Industry
In today’s business environment, companies rely on a broad network of partners and service providers to deliver their services efficiently. Digital supply chain integration offers significant gains in efficiency – but it also increases the risk of cyberattacks....
Marathon at Sprint Speed – LANCOM Systems Builds Certifiable ISMS
In an age when digitalization has become the norm in almost every industry, information security is becoming increasingly important for companies. In March of this year, LANCOM Systems, a leading European manufacturer of network and security solutions, achieved...
When Pentest Planning Becomes a Game of Tetris - A Look behind the Scenes of an Extensive Pentest Project with HanseMerkur
In a world where security and efficiency must go hand in hand, our recent project with HanseMerkur Krankenversicherung AG shows how crucial good organization and clear communication are to the success of a pentest project. Despite a tight timeframe and the challenge...
Information Security in the Financial Sector: How Frankfurter Sparkasse is Tackling the Mammoth Task
The digital transformation in the financial sector has created new areas of attack for cyber criminals and therefore significant risks for companies. The result: ever-increasing internal and external demands on the information security of financial institutions and...
Information Security in a Multinational Corporate Environment: VertiGIS Establishes Centrally Managed ISMS and Achieves ISO 27001 Certification
Especially in fast-growing industries, companies are faced with the challenge of adapting their information security to the constantly growing risks. The implementation of ISO 27001 measures is an effective tool for reducing risks from cyber attacks, data breaches and...
Cloud Provider plusserver Certified According to PCI DSS v4.0
At the beginning of 2024, the leading German cloud provider plusserver was certified by usd AG according to the globally mandatory PCI DSS v4.0 credit card security standard. With its cloud platforms, plusserver provides its customers with a data-sovereign and...
Security Assessment at All Levels: Pentest and Cloud Security Audit at Deutsche Fiskal
The need for a pentest is often driven by compliance requirements. However, in many cases, a pentest alone is not enough to make a reliable statement about the security level in the company. Especially when applications are hosted in the cloud, additional attack...
More Security for Highly Specialized Solution: Solaris SE Certified According to PCI DSS
Solaris SE, technology company with a full German banking license, successfully completed the PCI DSS certification project with usd AG in June 2023. Solaris SE thus offers its customers a demonstrably more secure environment for credit card data. As an issuing bank,...
“The Journey to Harmonisation of Global PCI Assessments”: Joint Contribution of Worldline and usd to the PCI SSC Community Meeting Europe
PCI DSS applies to all companies that store, process or transmit payment card data. However, large and global organizations in particular face PCI DSS challenges related to their size, structure, geographic distribution, and business operations. Resulting network...