Search
GET TO KNOW US

About us

We are a specialized company focusing on information security, carrying out penetration tests, supporting our customers with incident response and advising them in the German-speaking countries on information and IT security questions. 

We guarantee high quality for every single project and every single IT security assessment. 

Our consultants have excellent qualifications and a wealth of experience, partly resulting from more than 25 years of activity in the IT security field.

Our Expertise

In addition to the long-standing experience with customers, several cirosec employees are also known as authors of books and articles.

Many of them are also known for giving talks at various events and conferences. Likewise, research is a regular part of our employees’ work. 

Management Board

Stefan Strobel

CEO and Founder

Peter Lips

Managing Partner

Steffen Gundel

Partner and Co-Founder

Marco Lorenz

Partner and Co-Founder

Stefan Middendorf

Partner and Co-Founder

Daniela Strobel

Partner / Head of Marketing AND
Co-Founder

Quality

We guarantee high quality for every single project and every single IT security assessment. Our consultants have excellent qualifications and a wealth of experience, partly resulting from more than 25 years of activity in the IT security field.

Often, a highly experienced consultant operating in the background and another consultant carry out the projects. Projects or security assessments involve regular internal discussions to make sure to do the best job possible.

We discuss the assessment’s or project’s objectives, the things that are to be achieved and the questions that are to be answered individually with each customer. Based on the resulting information, we develop an individual plan and document it. 

In the context of security assessments, we continuously refine testing procedures and checklists for testing steps. That way, assessments do not depend on a consultant’s form on the day, but already ensure a high level of quality – even though the tests continue on an individual basis.

Our multi-level quality assurance process ensures that the final report is not only at a very high level with regard to content, but also occupies a top position in terms of language and style.

Research

We offer our customers high-level technical consulting and trainings. Therefore our employees frequently engage in research projects to live up to the high standard. 

In this context cirosec consultants analyze the latest topics, methods and tools in interesting information security areas and prepare them. The results of these activities contribute, for example, to projects, lectures at conferences, market overviews and articles for technical journals. 

You can find the latest information on our blog.

Vulnerability in VMware Workstation

VMware Workstation is virtualisation software that makes it possible to run several virtual machines in parallel on one device. These virtual machines can be managed using the VMware Workstation Player or VMware Workstation Pro software.

Vulnerabilities in the RealVNC remote maintenance software

In the course of research work, cirosec has uncovered a vulnerability in the RealVNC remote maintenance software. With VNC Connect, RealVNC offers a remote access and support solution for accessing and managing devices from anywhere.

Vulnerabilities in AudioCode's multi-service business routers

During our investigation, we found one DoS, one XXS and one CSRF vulnerability. Although we were able to get access to quagga VTYs.

Weak points in the Siemens LOGO!8 controller

Siemens LOGO! is a series of programmable logic controllers that are primarily intended for small automation tasks.

Analysing the safety of CODESYS-based industrial control systems

In the course of research work, several vulnerabilities were identified in the platform and reported to the manufacturer 3S-Smart Software Solutions GmbH.

Do you want to protect your systems? Get in touch with us.
Search
Search