Security Analysis & Pentests

We support businesses with technical security analysis

Our services for businesses and manufacturers

Whether you want to use applications and systems more securely as a company or, as a product manufacturer, want to offer demonstrably more security to your customers: With usd HeroLab, you have one of the leading security partners at your side.

The goal of our security analyses is to identify vulnerabilities, point out associated risks and determine ways to raise your security level. We will discuss your goals, environments and potential risks and work together to find the solution that is right for you. Our promise of performance is more security!


Can hackers penetrate your IT systems?

Code Review

How secure is your application?

Security Scan

Are you looking to get started with assessing your security?

Red Team Assessment

We find the vulnerabilities
that help hackers achieve their goal.

Incident Response & Forensics

Are you prepared for the worst case scenario?

Digital Forensics

Were you the victim of a cyber attack or do you suspect that you were?

Vulnerability Management

Would you like to identify vulnerabilities permanently and on time and eliminate them systematically?

Management & Organisation

Would you like assistance with planning and performing your security analyses?

Live Hacking

How easily can attackers gain access to third-party data or spy on others?

Secure App

How trustworthy is your app?

What matters to us the most

Our approach is based on international standards and many years of experience, guaranteeing efficiency and quality. We take the requirements of the NIST SP800-115, the PCI DSS and action recommendations provided by the German Federal Office for Information Security (BSI) and the Open Web Application Security Project (OWASP) into account.


Handling the results of our work in a responsible way is our highest priority. We’ve taken a long, hard look at what this means for our behaviour. Below, you’ll find our guiding principles for responsible disclosure of security vulnerabilities.

Responsible Disclosure

IT security research is just as important to our work as the exchange of knowledge with the security community. After all, more security can only be achieved if many people take on the task. We bear responsibility. We share the knowledge we gain in our practical work and through our research with the security community in public events held in the CST Academy,  training courses and publications.

Read more




Please contact us with any questions or queries.


Phone: +49 6102 8631-190
Contact Form


Daniel Heyne
usd Team Lead Sales,
Security Consultant Pentest, OSCP, OSCE