GET TO KNOW US
About us
We are a specialized company focusing on information security, carrying out penetration tests, supporting our customers with incident response and advising them in the German-speaking world on information and IT security questions.
We guarantee high quality for every single project and every single IT security assessment.
Our consultants have excellent qualifications and a wealth of experience, partly resulting from more than 25 years of activity in the IT security field.
Our Expertise
In addition to the long-standing experience with customers, several cirosec employees are also known as authors of books and articles.
Many of them are also known for giving talks at various events and conferences. Likewise, research is a regular part of our employees’ work.
CIROSEC MANAGEMENT
Management Board
Stefan Strobel
CEO and Founder
Peter Lips
Managing Partner
Steffen Gundel
Partner and Co-Founder
Marco Lorenz
Partner and Co-Founder
Stefan Middendorf
Partner and Co-Founder
Daniela Strobel
Partner / Head of Marketing AND
Co-Founder
Quality
We guarantee high quality for every single project and every single IT security assessment. Our consultants have excellent qualifications and a wealth of experience, partly resulting from more than 25 years of activity in the IT security field.
Often, a highly experienced consultant operating in the background and another consultant carry out the projects. Projects or security assessments involve regular internal discussions to make sure to do the best job possible.
We discuss the assessment’s or project’s objectives, the things that are to be achieved and the questions that are to be answered individually with each customer. Based on the resulting information, we develop an individual plan and document it.
In the context of security assessments, we continuously refine testing procedures and checklists for testing steps. That way, assessments do not depend on a consultant’s form on the day, but already ensure a high level of quality – even though the tests continue on an individual basis.
Our multi-level quality assurance process ensures that the final report is not only at a very high level with regard to content, but also occupies a top position in terms of language and style.
Research
We offer our customers high-level technical consulting and trainings. Therefore our employees frequently engage in research projects to live up to the high standard.
In this context cirosec consultants analyze the latest topics, methods and tools in interesting information security areas and prepare them. The results of these activities contribute, for example, to projects, lectures at conferences, market overviews and articles for technical journals.
You can find the latest information on our blog.
Vulnerability in VMware Workstation
VMware Workstation is virtualisation software that makes it possible to run several virtual machines in parallel on one device. These virtual machines can be managed using the VMware Workstation Player or VMware Workstation Pro software.
Vulnerabilities in the RealVNC remote maintenance software
In the course of research work, cirosec has uncovered a vulnerability in the RealVNC remote maintenance software. With VNC Connect, RealVNC offers a remote access and support solution for accessing and managing devices from anywhere.
Vulnerabilities in AudioCode's multi-service business routers
During our investigation, we found one DoS, one XXS and one CSRF vulnerability. Although we were able to get access to quagga VTYs.
Weak points in the Siemens LOGO!8 controller
Siemens LOGO! is a series of programmable logic controllers that are primarily intended for small automation tasks.
Analysing the safety of CODESYS-based industrial control systems
In the course of research work, several vulnerabilities were identified in the platform and reported to the manufacturer 3S-Smart Software Solutions GmbH.
Competent IT security consulting, pentests, incident response and training
Ferdinand-Braun-Straße 4
74074 Heilbronn, Germany
74074 Heilbronn, Germany