News
PCI Secure Software Standard v2.0: What You Should Know
On 15 January 2026, the PCI Security Standards Council (PCI SSC) released version 2.0 of the PCI Secure Software Standard. This is the first...
Part-IS and ISO 27001: How to Leverage Synergies for Your Compliance
On 22 February 2026, the EU Regulation Part-IS for aviation organizations will come into force. They must manage information security risks in a way...
Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms
Artificial intelligence (AI) is transforming the business world. Large language model (LLM) platforms in particular are increasingly finding their...
Security Advisories on OrangeHRM und memos
The pentest professionals at usd HeroLab identified multiple vulnerabilities in the applications OrangeHRM and memos during web application...
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated...
After Drafts, Amendments, and Hearings, the NIS2UmsuCG Will Officially Enter Into Force in Germany on 06.12.2025
The NIS-2 Directive became binding in the EU at the beginning of 2023 in order to ensure a consistently high level of protection for critical and...
Red Teaming: 5 Questions Every IT Leader Wants Answered
Many companies invest in firewalls, endpoint protection, and awareness training, assuming that this puts them in a strong position. But the reality...
Stronger Together: usd AG Joins Security Network Munich
We are convinced that real progress in cyber security can only be achieved through open knowledge sharing and collaboration. That is why we...
Key Topics, Implementation, and Challenges: The 7 Most Important Questions About ISO 42001
The use of artificial intelligence (AI) has long become a part of our everyday lives. But AI is not only gaining importance in day-to-day...
Lively Discussions and Exciting CTFs: The usd Hackertage and usd Hacking Night
On November 7, 2025, our offices in Neu-Isenburg, Cologne, and Munich opened their doors to anyone who not only wants to understand IT security and...
OWASP Top 10 2025 Released: Our Insights and Contribution
The OWASP Top 10 is considered the global standard for web application security. It highlights the main risks and indicates where companies should...
EU AI Act: The 7 Most Important Questions
The EU AI Act establishes the world's first comprehensive legal framework for artificial intelligence. What was previously considered a...