Cyber Security Challenge Germany
The Cyber Security Challenge Germany (CSCG) was once again looking for young talents to make Germany's future safer. The online qualification has... Read more
Compass Security Schweiz AG
Werkstrasse 20
8645 Jona
Schweiz
Security Reviews
Security reviews are often used when new systems are commissioned and give you an overall picture as to the system’s vulnerability before its eventual go-live date. Frequently, reviews are also used in the initial prototyping stage for a project, so that security features can be incorporated at the earliest possible stage. The results of a security review often determine the final go-live date.
Expectations
We will discuss your project, identify possible threats and agree on an analysis approach with you. Security reviews typically entail the following work:
- Analyzing source code
- Provide second opinions on concepts
- Provide second opinions for setting up new services and infrastructure
- Provide second opinions on new products and technologies
- Assess the configuration of security settings
- Assess hardening of systems exposed to the internet
- Assess entire systems and system architectures
Carrying out the review
Compass Security works closely together with you when carrying out a security review. All the necessary insider data, test network configuration, system settings and source code is disclosed to us so that we will be able to see the effectiveness of any security measures.
Typically the entire system security is determined based on reviewing these documents, through workshops and interviews with you or by analyzing the configuration or the source code itself. Common security standards or industry usage is the measure we use in reviewing this.
Final report
We provide a report which summarizes the entire system’s security, lists the findings as well as the potentials to improve the overall security. We guarantee that both your tech teams as well as your management teams will be able to make key decisions thanks to this report.
Debriefing
Usually, the key findings are already known to the team in the majority of cases since we identify the findings together with the customer during workshops and interviews. Nevertheless, Compass Security still recommends that a debriefing meeting is held so as to foster a common understanding of the overall security and for future additional work in this area.
We are more than happy to discuss your personal requirements. Do not hesitate to get in touch.
CALENDAR
Cyber Risks – from abstract risk to everyday reality
The Europa Institut at the University of Zurich (EIZ) is one of the leading centres of expertise for European Law and is an important provider of... Read more
Swiss Treasury Summit 2019
Das Schweizer Jahrestreffen der Treasurer - am 11. September 2019 an der HSLU in Rotkreuz. Read more
NEWS
Eine gelungene Feier zum 20-Jahre-Jubiläum
Compass Security lud am 07. Juni 2019 aktuelle und ehemalige Mitarbeitende, Kunden, Partner und Freunde ein, um ihr 20-jähriges Bestehen zu feiern.... Read more
Butcher Wechsler and the Hackers
The latest magazine of "Die Mobliliar" focusses on artificial intelligence as well as digitalization - and take a look at cyber crime. Read more
Hack2improve - a success story
The Furtwangen University of Applied Sciences offered a hacking workshop for the first time in 2008. What was a novelty at that time is now firmly... Read more
Compass Security Blog
Reversing obfuscated passwords
During internal penetration tests or Windows client hardening engagements, we often find configuration files with obfuscated passwords. The post demonstrates a general approach and required tools to... mehr
Swiss QR Code Invoices for Phun and Profit
Modern problems require modern solutions, this applies to the finance sector as well. So what problems am I talking about? Digital Invoices in a Mixed Payment Slip Landscape In Switzerland we are... mehr