We are a specialized company focusing on information security, carrying out penetration tests, supporting our customers with incident response and advising them in the German-speaking countries on information and IT security questions.
We guarantee high quality for every single project and every single IT security assessment.
Our consultants have excellent qualifications and a wealth of experience, partly resulting from more than 25 years of activity in the IT security field.
In addition to the long-standing experience with customers, several cirosec employees are also known as authors of books and articles.
Many of them are also known for giving talks at various events and conferences. Likewise, research is a regular part of our employees’ work.
CEO and Founder
Managing Partner
Partner and Co-Founder
Partner and Co-Founder
Partner and Co-Founder
Partner / Head of Marketing AND
Co-Founder
We guarantee high quality for every single project and every single IT security assessment. Our consultants have excellent qualifications and a wealth of experience, partly resulting from more than 25 years of activity in the IT security field.
Often, a highly experienced consultant operating in the background and another consultant carry out the projects. Projects or security assessments involve regular internal discussions to make sure to do the best job possible.
We discuss the assessment’s or project’s objectives, the things that are to be achieved and the questions that are to be answered individually with each customer. Based on the resulting information, we develop an individual plan and document it.
In the context of security assessments, we continuously refine testing procedures and checklists for testing steps. That way, assessments do not depend on a consultant’s form on the day, but already ensure a high level of quality – even though the tests continue on an individual basis.
Our multi-level quality assurance process ensures that the final report is not only at a very high level with regard to content, but also occupies a top position in terms of language and style.
We offer our customers high-level technical consulting and trainings. Therefore our employees frequently engage in research projects to live up to the high standard.
In this context cirosec consultants analyze the latest topics, methods and tools in interesting information security areas and prepare them. The results of these activities contribute, for example, to projects, lectures at conferences, market overviews and articles for technical journals.
You can find the latest information on our blog.
VMware Workstation is virtualisation software that makes it possible to run several virtual machines in parallel on one device. These virtual machines can be managed using the VMware Workstation Player or VMware Workstation Pro software.
In the course of research work, cirosec has uncovered a vulnerability in the RealVNC remote maintenance software. With VNC Connect, RealVNC offers a remote access and support solution for accessing and managing devices from anywhere.
During our investigation, we found one DoS, one XXS and one CSRF vulnerability. Although we were able to get access to quagga VTYs.
Siemens LOGO! is a series of programmable logic controllers that are primarily intended for small automation tasks.
In the course of research work, several vulnerabilities were identified in the platform and reported to the manufacturer 3S-Smart Software Solutions GmbH.