Christian Frei on the usd HeroLab and the importance of expert knowledge sharing

10. April 2017

Christian, apart from your project operations, your team of analysts looks into potential security vulnerabilities. Why do you do that?
We can only protect businesses against hackers and criminals effectively if we always keep our skills and knowledge up to date. That’s why security research is just as important for our work as building up a security community to promote the exchange of knowledge.
Does that mean that you share your findings with other security researchers?
Yes, definitely. More security can only be achieved if lots of people take on the task together. We also help security analysts at other companies to identify vulnerabilities and remediate security risks – always in line with our responsible disclosure policies, of course.
What role does the usd HeroLab play in that context?
The usd HeroLab and our usd Akademie are essential parts of our security mission. We use the HeroLab as a training platform ourselves, but we also make it available to companies, research institutes and universities. We run training courses and publish papers to share the knowledge we gain in our practical work and through our research.
What kinds of publications can we expect from you?
The usd HeroLab is going to publish a series of papers on new security vulnerabilities and current security issues. The first paper has already been published. Ralf Almon, one of our senior security consultants and a forensics specialist, has shared his insights into a very interesting issue:
“How a Vulnerable Picture Upload Can Be Exploited Using Manipulated Picture Files”

Also interesting:

AI Vulnerability Storm: When a Lack of Speed Becomes a Risk

AI Vulnerability Storm: When a Lack of Speed Becomes a Risk

Current developments in AI systems show that vulnerabilities are found more quickly, suitable exploits are developed more quickly, and attacks are increasingly implemented automatically. This significantly reduces the time between discovery and exploitation. What used...

Bafin Publishes 9th Amendment to MaRisk

Bafin Publishes 9th Amendment to MaRisk

On 30 June 2026, all credit institutions and financial services institutions in Germany received an important circular: Following the consultation phase, the German Federal Financial Supervisory Authority (Bafin) published the 9th amendment to its Minimum Requirements...

usd AG Listed as EPI Partner for Mobile Security Evaluations

usd AG Listed as EPI Partner for Mobile Security Evaluations

The popularity of mobile payments is growing, and with it, the demand for verified security. usd AG is expanding its activities in the EPI environment and will also conduct Mobile Security Evaluations in the future. This places us among the few EPI-listed Security...

Categories

Categories