IT security that holds up.
Pentest, ISMS, compliance — we bring your security to a demonstrably dependable level. As a project, as a managed service or together with your team.
This service is right for you if…
…you are pursuing or need to maintain ISO 27001 certification.
…you want to know where your real attack surfaces are — before others do.
…you are subject to regulatory requirements (NIS2, DORA, KRITIS).
…you don’t have your own security team and want to bring in external expertise.
What we do for you, in concrete terms.
Penetration testing
Web apps, external perimeter, internal networks, Active Directory. OWASP and PTES methodology. Clear reports, prioritized measures, optional re-test after remediation.
ISMS & ISO 27001
Setup, support, audit preparation. Pragmatic, without tons of paperwork. We get you through certification — and make sure the system is actually lived afterwards.
Vulnerability management
Continuous scans, prioritization by business risk, remediation support. So the gaps don’t grow while you’re busy with day-to-day work.
Awareness & phishing simulations
Employees as the strongest defence rather than the weakest link. Regular training, realistic phishing simulations, clear reports — without wagging a finger.
Incident response
Plan before the emergency, be ready to act when it happens. We build playbooks, rehearse emergency scenarios — and stand ready with our 24/7 cyber emergency service when it counts.
Compliance consulting
NIS2, DORA, KRITIS, GDPR — we translate the requirements into concrete measures. Pragmatic and verifiable, without losing you in a bureaucratic swamp.
How we work with you.
As a project
A clearly defined engagement with set scope, timeframe and fixed price. Result: a documented state, completed.
Beispiel: one-off pentest, ISO preparation.
As a managed service
We take over ongoing operations and carry the responsibility. You get clear SLAs, dedicated contacts and monthly reports.
Beispiel: continuous vulnerability management, awareness programme.
Co-Managed
Shared responsibility: your team keeps the day-to-day work, we take the specialist topics. Full transparency via a shared ticketing system.
Beispiel: You keep the routine patches, we take on critical vulnerabilities and incident response.
Proven standards and strong tools.
Methodology frames our work. We consistently follow international and national standards — from OWASP and PTES for penetration testing, through ISO 27001 for information security management systems, to BSI baseline protection and MITRE ATT&CK for threat analysis.
Technologies are our toolbox. We are vendor-independent, but deeply at home in our partners’ solutions. A selection of the tools we use in the Cybersecurity area:
Let’s talk about sensible cybersecurity strategies
Phone or a slot in the calendar — your direct line to us, however you prefer
Sven Wulf
Data bodyguard + security architect
At home in IT security for over 25 years — pentester, ISMS auditor, sparring partner for management. It matters to me that security supports your business rather than slowing it down. Feel free to contact me directly if you need a second opinion or an honest sparring partner.
Write to us: …