Dr. Antje Winkler
Partner | Offensive Security
Offensive Security
Offensive Security
Strengthen Your Digital Defenses!
Whether it is complex IT or OT ecosystems, embedded systems, IoT environments, automotive components, mobile apps, or web applications, our Offensive Security Team operates like a real attacker to assess your security measures and identify potential vulnerabilities before they can be exploited by others.
Additionally, our experienced Red Team conducts comprehensive, realistic attack simulations to evaluate your company’s cyber defense measures, uncovering weaknesses at both the technical and process levels.
Prioritizing transparency, trust, and personalized consultation, we work closely with you to ensure that your security strategy is perfectly aligned with your specific needs. Of course, we remain available to answer any questions you may have even after the test.
Protect your company from today's and tomorrow's threats. Stay one step ahead of attackers with our expertise!
Additionally, our experienced Red Team conducts comprehensive, realistic attack simulations to evaluate your company’s cyber defense measures, uncovering weaknesses at both the technical and process levels.
Prioritizing transparency, trust, and personalized consultation, we work closely with you to ensure that your security strategy is perfectly aligned with your specific needs. Of course, we remain available to answer any questions you may have even after the test.
Protect your company from today's and tomorrow's threats. Stay one step ahead of attackers with our expertise!
Cyber Attacks – An Important Topic for Every Company
Increasing digitization, networking, and outsourcing of digital infrastructures - to cloud providers, for example - are opening new ways for attackers to infiltrate companies. Whether through systems exposed on the internet, insufficient access controls at the company site, or seemingly trustworthy communication channels with suppliers and partners, there are numerous attack vectors which must be considered:
As BDO Cyber Security GmbH, we help you identify relevant threats, recognize vulnerabilities and define appropriate measures. With our experience, we support you as a strong partner in all matters related to cyber security.
Our Offer for You
Penetration Testing
Identify vulnerabilities in your company networks, applications and systems with our help. Our team will examine your solution from the perspective of a real attacker to determine the current level of security. The goal is to comprehensively analyze your solution and uncover as many vulnerabilities as possible.
You will receive a detailed report that not only lists identified vulnerabilities and their criticality but also recommends possible measures for remediation.
LEARN MORE
IoT & Embedded Penetration Testing
BDO Cyber Security GmbH operates a modern testing laboratory specifically equipped for security analyses at hardware level. Our experts have the necessary equipment and knowledge to thoroughly examine embedded devices including radio and automotive hardware components.
We analyze the entire device, from the firmware level to the circuit board. Our expertise covers a wide range of internal and external interfaces, such as JTAG/SWD, UART, SPI, I²C, USB, Ethernet, CAN, Wi-Fi, Bluetooth (Low Energy), ZigBee, LoRaWAN, and 2G-5G, as well as other industry-specific standards. Additionally, we examine the device's connections to other systems, such as backend communication, remote update processes, and remote maintenance mechanisms.
LEARN MOREWe analyze the entire device, from the firmware level to the circuit board. Our expertise covers a wide range of internal and external interfaces, such as JTAG/SWD, UART, SPI, I²C, USB, Ethernet, CAN, Wi-Fi, Bluetooth (Low Energy), ZigBee, LoRaWAN, and 2G-5G, as well as other industry-specific standards. Additionally, we examine the device's connections to other systems, such as backend communication, remote update processes, and remote maintenance mechanisms.
OT Penetration Testing
Networking and digital management are becoming increasingly important for production facilities and other critical infrastructures. Previously isolated OT environments are increasingly being connected to IT infrastructures. Additionally, the European Union's NIS 2 Directive tightens cyber security requirements for critical infrastructures, including digital platforms such as cloud services and social networks.
Our security tests help organizations evaluate the effectiveness of their security measures, ensuring compliance with the NIS 2 Directive. By identifying vulnerabilities and highlighting appropriate countermeasures in OT & IT systems, we not only enhance security but also enable organizations to proactively respond to changing cyber threats. Regular security testing is not only legally mandated but also a crucial protection mechanism for sensitive data, strengthening the trust of customers and partners.
LEARN MOREOur security tests help organizations evaluate the effectiveness of their security measures, ensuring compliance with the NIS 2 Directive. By identifying vulnerabilities and highlighting appropriate countermeasures in OT & IT systems, we not only enhance security but also enable organizations to proactively respond to changing cyber threats. Regular security testing is not only legally mandated but also a crucial protection mechanism for sensitive data, strengthening the trust of customers and partners.
Red Teaming
Our Red Teaming Services simulate realistic cyber attacks on your company. In contrast to penetration testing, the goal of Red Teaming is not to identify as many vulnerabilities as possible, but rather – just like a real attacker – to infiltrate the company as stealthily and deeply as possible. This way, your existing detection and response measures are primarily put to the test.
Before the campaign begins, we align the specific objectives of the attack simulation with you and tailor our approach precisely to your needs. From targeted attacks on individual systems or company divisions to comprehensive attack simulations as part of a large-scale Red Teaming campaign, we offer various scenarios that thoroughly test your security infrastructure.
LEARN MOREBefore the campaign begins, we align the specific objectives of the attack simulation with you and tailor our approach precisely to your needs. From targeted attacks on individual systems or company divisions to comprehensive attack simulations as part of a large-scale Red Teaming campaign, we offer various scenarios that thoroughly test your security infrastructure.
Offensive Security Consulting
In addition to the services mentioned above, we offer a range of consulting services to complete our portfolio. Our expertise extends to conceptual areas, including advising on the development of security concepts and technical designs, conducting risk and threat analyses, and supporting you in interpreting vulnerabilities within the context of your organization.
LEARN MOREOur Industry-Specific Solutions
Threat-Led Penetration Testing
The EU-wide Digital Operational Resilience Act (DORA) requires the financial sector to enhance digital resilience.
This includes mandatory security assessments, such as Threat-Led Penetration Testing (TLPT) in line with the TIBER-EU Framework.
Trust our expertise to fortify your systems and address your security needs effectively.
LEARN MOREThis includes mandatory security assessments, such as Threat-Led Penetration Testing (TLPT) in line with the TIBER-EU Framework.
Trust our expertise to fortify your systems and address your security needs effectively.
Healthcare Security Assessment
The growing digitization in healthcare brings new security risks for institutions and patients alike. We understand these challenges and assist healthcare organizations in thoroughly examining their systems and applications to identify potential security vulnerabilities.
Our comprehensive service offerings enable us to address your specific needs, whether you require an in-depth analysis of individual systems or a holistic assessment of your entire infrastructure and applications.
LEARN MOREOur comprehensive service offerings enable us to address your specific needs, whether you require an in-depth analysis of individual systems or a holistic assessment of your entire infrastructure and applications.
Our Expertise
Our experienced team of penetration testers and Red Team professionals holds various certifications, including:
- OffSec Certified Professional (OSCP)
- OffSec Certified Expert 3 (OSCE³)
- OffSec Web Expert (OSWE)
- OffSec Experienced Penetration Tester (OSEP)
- OffSec Exploit Developer (OSED)
- GIAC Reverse Engineering Malware (GREM)
- GIAC Experienced Penetration Tester (GX-PT)
- HackTheBox Certified Penetration Testing Specialist (HTB CPTS)
- Certified Red Team Lead (CRTL)
- Certified Red Team Operator (CRTO)
- Burp Suite Certified Practitioner (BSCP)
- Altered Security Red Team Professional for Azure (CARTP)
- Certified Information Systems Security Professional (CISSP)
- ISTQB Certified Tester / Test Manager
- Cyber Security Professional (IHK)
In dedicated hacking sessions, our team analyzes various commercially available hardware and software products. Discovered vulnerabilities are published as CVEs. You can find the corresponding overview here: Advisories.
Our Hardware Testing Laboratory
To provide you with comprehensive analyses of various IoT and embedded devices, we operate a state-of-the-art hardware testing laboratory. Our lab equipment enables the examination of your devices across multiple layers, ensuring precise and reliable outcomes.
Our specialized radio testing environment features a shielding unit for isolating radio technologies, e.g., TCUs and LTE modules. This effectively avoids interferences and sources of disturbance. Using tools like software-defined radios, we analyze various wireless technologies, including 2G, 4G (LTE), ZigBee, Wi-Fi, NFC, RFID, and Bluetooth. For the analysis of mobile communication (e.g., 2G and 4G), we have a test network with our own base station. This enables us to monitor communication channels and analyze data transmission in detail. Additionally, the radio testing environment allows for interception and manipulation attempts of over-the-air firmware updates.
In addition to the radio testing environment, our laboratory is equipped with a hardware testing station. This station is designed to examine various device types in their intact state or to conduct targeted manipulation attempts through hardware modifications. Equipped with a digital oscilloscope and logic analyzers, we can precisely analyze data transmission over physical interfaces such as USB, UART, SPI, or JTAG. For non-invasive tests, we use PCB holders and test probes. Upon request, we also perform more invasive manipulation and extraction attempts, for example, to access internal data in memory modules.
Why You Should Choose Us
- Professional team of penetration testers and Red Team experts with relevant certifications and extensive experience
- Broadly skilled experts (e.g., web applications and services, IT infrastructures, embedded systems and IoT devices, automotive hardware/software, various radio protocols, and mobile applications)
- State-of-the-Art testing laboratory equipped for a wide range of hardware-related tests
- In-depth analysis of your systems from the perspective of a real attacker
- Customized solutions tailored to your specific requirements and IT systems
- Testing according to established and recognized standards
- Comprehensive test report and joint debriefing
What should you consider? What key factors should you address? We are here to support you with these and any other concerns.
