News
Targeted Risk Analysis - PCI DSS introduces Individual Risk Assessment Tool
With the introduction of PCI DSS v4.0, many requirements and processes have changed significantly. Some of the new requirements are future-dated...
Top 3 Vulnerabilities in SAP Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
Hacker Contest Challenge of Summer Semester 2024: Sample Solution online
This summer semester, the "Hacker Contest" will be taking place again at the Technical University (TU) Darmstadt and Darmstadt University of Applied...
PCI DSS v4.0.1 Released
In response to stakeholder feedback and questions received since the release of PCI DSS v4.0 in March 2022, the PCI Security Standards Council (PCI...
NIS-2: The Most Important Takeaways from the German Implementation Act
The law implementing the NIS-2 Directive aims to transpose the requirements of the European NIS-2 Directive into the German legal system. On May 7,...
Security Advisory on WeKan
The pentest professionals at usd HeroLab examined the open source application WeKan during their pentests. This application offers users a solution...
Top 3 Vulnerabilities in Fat Client Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
Security Advisory on Gambio
The pentest professionals at usd HeroLab examined the online shop software Gambio during their pentests. The software offers merchants various...
What Does “Periodically” Actually Mean? PCI DSS v4.0 Specifies Timeframes
“Promptly”, “quarterly”, “periodically”: Many PCI DSS requirements demand that measures be implemented within a specified timeframe. While version...
Information Security in Third-Party Risk Management: How to Set Up a TPRM Program
Companies often work with a large number of service providers in order to be able to concentrate on their core business or save costs. For this to...
Break Down Prejudices, Empower Women. We Participate in Girls'Day 2024
Approximately a quarter of our usd Heroes are female. Even though that is above the average for our industry, we are convinced that there is still...
Hacker Contest Winter Semester 2023/2024: 29 Students. 14 Vulnerabilities. 1 CVE. Countless Practical Insights.
Practical knowledge is often neglected during studies - but not for students at TU Darmstadt. In the winter semester, Matthias Göhring, Tobias...