The pentest professionals at usd HeroLab examined the PRTG Network Monitor web application as part of web application pentests and identified...
Security Advisories on PRTG Network Monitor
read more
Pentests & Security Analyses
Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms
Artificial intelligence (AI) is transforming the business world. Large language model (LLM) platforms in particular are increasingly finding their...
Security Advisories on OrangeHRM und memos
The pentest professionals at usd HeroLab identified multiple vulnerabilities in the applications OrangeHRM and memos during web application...
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated...
Red Teaming: 5 Questions Every IT Leader Wants Answered
Many companies invest in firewalls, endpoint protection, and awareness training, assuming that this puts them in a strong position. But the reality...
OWASP Top 10 2025 Released: Our Insights and Contribution
The OWASP Top 10 is considered the global standard for web application security. It highlights the main risks and indicates where companies should...
From Windows 10 to 11: Pentest Protects Against Vulnerabilities After Migration
On October 14, 2025, Microsoft stopped supporting Windows 10, forcing many companies to switch to Windows 11. This not only offers new features but...
Revealing XSS Vulnerabilities in Web Application Pentests: Understanding the Risk
Cross-site scripting (XSS) is one of the most well-known vulnerabilities in web applications, yet our security analysts at usd HeroLab encounter it...
Avoid Pitfalls During ASV Scans: Practical Tips for Seamless Scans
Companies that accept, process, or store credit card data must comply with the requirements of the Payment Card Industry Data Security Standard (PCI...
Security Advisories on d.3one and Weblication CMS Core
The pentest professionals at usd HeroLab identified cross-site scripting vulnerabilities in Weblication CMS Core and d.3one during web application...
New BSI Criteria Catalogues: Guidelines for the Use of AI in the Financial and Administrative Sectors
The German Federal Office for Information Security (BSI) has published two new sets of criteria for evaluating Artificial Intelligence (AI). They...
How to Strengthen Your Email Security: Insights from Our Pentesters
Email security is a key factor in application development and system configuration. Vulnerabilities in this environment can lead to data leaks and...