Secure or Not Secure, That Is the Question: “Cyber Security Assessments in Practice” at TU Munich

1. February 2024

What are the different types of cyber security assessments? Why do companies undergo such security assessments? And how exactly does it work? Nico Fechtner and Merten Nagel from usd AG answered these and other questions as part of their guest lecture "Cyber Security Assessments in Practice" at the Technical University of Munich. They explained which legal provisions and regulatory requirements are essential for a large number of companies when it comes to cyber security. Using practical examples, they presented security audits and penetration tests to the students, focusing on network security issues. In a live demonstration, the students were also given insights into the tools that penetration testers use every day for their security analyses. Under the motto "Secure or not secure, that is the question", they puzzled over real security issues from practice and proved what they had already learned.

Merten Nagel gave a live demonstration of penetration testing tools

Everything is built on passion

Our colleagues welcome every opportunity to share their day-to-day work as penetration testers, security consultants or auditors at German universities. "Of course, we hope to awaken or strengthen students' passion for cyber security," says Nico Fechtner. "Many are already very interested, but have little idea what cyber security actually looks like in practice. That's why we always bring concrete examples and scenarios from our daily work. As a guide and a little nudge in the direction of more security."

And of course, the presentation also provided answers for all those who are now pondering the question: What should I bring to the table if I want to become a cyber security auditor or penetration tester myself? "Even if it sounds a bit like a cliché: First and foremost, an interest in and passion for the subject," says Merten Nagel. "Because in our field, we constantly have to deal with new technical developments and threats and keep up to date. Technical expertise, industry certifications and a knack for dealing with people are of course also essential - but all of this can be built on a genuine interest in cyber security."  

Also interesting:

Top 3 Vulnerabilities in Mobile App Pentests

Top 3 Vulnerabilities in Mobile App Pentests

During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to corporate security. They increasingly encounter the same vulnerabilities. Our blog series "Top 3 Vulnerabilities" presents...

Security Advisories for SONIX and SAP

Security Advisories for SONIX and SAP

The pentest professionals at usd HeroLab examined SONIX Technology Webcam and SAP Fiori Sample Shop during their pentests. Our professionals discovered that systems with a SONIX Technology Webcam using the SonixDeviceMFT.dll driver in their default configuration are...

Categories

Categories