Our understanding

Compass stands for trust, competence, and customer orientation.

Trust

Creating a relationship of trust is our primary goal in working together with our customers. We emphasize personal and transparent communications, firm commitments and absolute confidentiality. Our reputation is built on authenticity and demonstrated through competence.

Competence

We put our in-depth expertise to the test on customer projects every day and are always ready to accept new challenges. Based on a combination of broad experience from our everyday activities, our employees' continuous training, and thirst for new research possibilities, we keep pace with the latest technologies and trends, and continuously adapt our knowledge base and methodology.

Customer orientation

Our personal contact with customers helps us understand the exact requirements, we can give them the project support they expect and react flexibly to any sudden changes in the company environment.

At all times, be it during a kick-off meeting, during the actual security assessment, or in the documentation and debriefing phase, we make a special point of communicating appropriately to whatever interest group we are addressing.


CALENDAR

Securing Industrial IoT

On August 29, 2019, experts from research and practice will meet in Bremen to discuss how industry companies and CIP operators can actively protect... Read more

Beer-Talk #20 in Berlin: Keep Calm and Dump Your Memory

Cybercriminals are constantly finding sophisticated ways to infect computers or mobile devices with malware. What you should NOT do (and why) if your... Read more

Cyber Risks – from abstract risk to everyday reality

The Europa Institut at the University of Zurich (EIZ) is one of the leading centres of expertise for European Law and is an important provider of... Read more

ALL DATES

NEWS

Vulnerability in "The Scheduler" Plugin for Jira

Thierry Viaccoz has identified an XML External Entity (XXE) vulnerability in "The Scheduler" plugin for Jira. Read more

Vulnerability in the Email+ iOS Application from MobileIron

Sylvain Heiniger has identified a "Cleartext Storage of Sensitive Information" vulnerability in the MobileIron application Email+. Read more

Vulnerabilities in Universal Automation Center (UAC)

Michael Fisler and Felix Aeppli have identified vulnerabilities in the Universal Automation Center (UAC). Read more

ARCHIVES

Compass Security Blog

Privilege escalation in Windows Domains (2/3)

This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around. mehr

Privilege escalation in Windows Domains (1/3)

This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users. mehr

ZUM BLOG