20 years of Compass Security

We would like to propose a toast with you - to the past exciting 20 years and to the many valuable encounters.


You are coridally invited to our company anniversary

Take a look back with us on Friday, 07 June 2019, but also into the future. It's about hidden talents and quick decisions. It's about teams and their coaches. ein To attack and defend. And also a little about IT security.


Be inspired by our program and register now.

Program details

Register now 

We are looking forward to meet you at HSR Hochschule für Technik Rapperswil!


Walter Sprenger & Ivan Bütler


Vulnerability in "The Scheduler" Plugin for Jira

Thierry Viaccoz has identified an XML External Entity (XXE) vulnerability in "The Scheduler" plugin for Jira. Read more

Vulnerability in the Email+ iOS Application from MobileIron

Sylvain Heiniger has identified a "Cleartext Storage of Sensitive Information" vulnerability in the MobileIron application Email+. Read more

Vulnerabilities in Universal Automation Center (UAC)

Michael Fisler and Felix Aeppli have identified vulnerabilities in the Universal Automation Center (UAC). Read more


Compass Security Blog

Privilege escalation in Windows Domains (2/3)

This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around. mehr

Privilege escalation in Windows Domains (1/3)

This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users. mehr