Penetration Tests

Penetration Tests

Penetration Tests

Assuming the role of an attacker, we test your devices, networks, services, and applications for vulnerabilities. Using social engineering and red teaming we test the behavior and processes of the whole organization. read more

Security Reviews

Security Reviews

Security Reviews

Experienced IT analysts support you with a second opinion on security concepts and if requested, test the structure, configuration, and source code of your solution. read more

Incident Response 24/7

Incident Response 24/7

Incident Response 24/7

Our experts help in coordinating incident and emergency measures as well as with the processing of data for use in court. Additionally, we provide quick and accessible research into the cause of incidents. read more

Security Trainings

Security Trainings

Security Trainings

Benefit from our analysts' knowledge of penetration testing, network analysis, digital forensics, secure mobile apps, and other applications, or choose to receive training in our specially created lab. read more

FileBox

FileBox

FileBox

FileBox is a solution for both secure file transfer and secure file storage. It provides you with the ability to securely exchange documents. read more

Hacking-Lab

Hacking-Lab

Hacking-Lab

Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. read more

CALENDAR

Beer-Talk #18 in Berlin: How to pwn a Global Player in two days

Thanks to greater financial and personal resources, large companies are better equipped against hacking attacks than smaller companies and startups.... Read more

Beer-Talk #27 in Zurich: WiFi Open to WPA3

WiFi is omnipresent, but the networks often have weaknesses. Does the WPA3 standard provide additional defenses? We will show you whether the WiFi... Read more

5. Digital Real Estate Summit 2019

The place to meet the digital real estate industry. Read more

ALL DATES

NEWS

Vulnerability in mod_auth_openidc module

Mischa Bachmann has identified a reflected cross site scripting (XSS) vulnerability in the mod_auth_openidc module for the Apache 2.x HTTP server. Read more

Compass Security supervises scientific work

Compass Security volunteers as supervisor for academic work and studies relating to information security. Read more

Vulnerability in the Siemens SICAM A8000 Series web interface

Emanuel Duss and Nicolas Heiniger have identified an XXE vulnerability in the web interface of the Siemens SICAM A8000 Series. Read more

ARCHIVES

Compass Security Blog

XSS worm – A creative use of web application vulnerability

In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this... mehr

Substitutable Message Service

Have you ever said something and later regretted it? Or written an email to someone and then wished it had not happened? Or sent an SMS message but afterward desired to change its content? Well,... mehr

ZUM BLOG