404 not found

...or speak to us directly

Name

<p>This webpage uses Google Tag Manager. For a complete list of cookies set, read more <datenschutz>here</datenschutz>.</p>

In a free initial consultation, we determine if and how I can help you.

Initial consultation

Hourly package or project – everything is possible!

Conditions

How do I consult?

Implementation

Contact me now!

"But no one (internally) told us" can become very expensive very quickly.

With me, you have a consultant at your side who

The concept or idea is approved...

I am your sparring partner for all things cybersecurity

Whether it's concept, organization, or implementation of software or management plans. With an offensive security mindset, your company or project becomes more robust.

I am your sparring partner for IT security

IT Security Consulting

Inquire now and make life difficult for hackers/penetration testers in the future!

had the developers received appropriate training.

Many hacks – and thus financial and reputational damage – could have been avoided...

After our workshops with your team...

"Of course, we could get some certification somewhere, but I want my people to learn something!"

IT Management, Software Company Insurance Industry

I know how developers think – I was one myself (<mhgreen>and I also implemented some security vulnerabilities</mhgreen>).

Burying your head in the sand is not an option (unfortunately).

Our favorite: Either on a hacking platform – or against your application! If possible, we will hack your own applications together with your team, making them put on the 'black hat' of an attacker.

Hack Yourself

Here we discuss how a secure infrastructure can be created on which the application then runs. We talk about errors in cloud configuration up to test servers with production data from numerous company customers.

The error is often not in the code!

Here we either go through the classic OWASP Top 10, or focus on specific vulnerability classes that are particularly close to your heart.

Security vulnerabilities and how they are found

In this section, we explore the mindsets of both the attackers and your team. Based on either security vulnerabilities found in your system or public hacks, we analyze how they could have happened. This includes:

How do hackers think? How do developers think?

We exchange experiences on how, for example, as a team lead, you can ensure that your developers take security seriously, continue their education, and how an environment can be created where IT security is considered.

The company culture too...

Excellent! Whether it was conducted by us or not: We can go through the findings with the team:

Already have a penetration test report?

Modules

Trainings and Workshops for Developers

Even if you don't count as critical or essential companies: Your customers probably do. And they must ensure that their supply chain is secure. Can you prove that?

Regulations (e.g., NIS2)

Data leaks, security vulnerabilities, and hacks may lead to reputational damage – up to the loss of customers.

Reputation

Development talents want to work with modern tools and methodologies (e.g., DevOps, Infrastructure as Code) and learn new things.

Rockstars

Why you need to train your team

We train your developers so that penetration testers/hackers get frustrated (because your software becomes so secure).

IT Security and Secure Coding Trainings and Workshops for Developers

Trainings for Developers / IT Security for Developers

How could this be used <italic>against</italic> your company? And how do we prevent this from happening?

The question we continuously ask ourselves is:

The Hacker Mindset

This is about actual attacks – be it phishing, penetration tests, or code reviews.

I hack your company so the bad guys won't.

Penetration Tests

How many employees would click on phishing-links?

Phishing Simulations

Hacking

Which insecure services are open to the outside?

Vulnerability Scans

Does your software have security vulnerabilities?

Web App Tests (Black Box)

I review your source code and find vulnerabilities.

Web App Tests (White Box)

How we can help you

Upskilling your Developers

Cybersecurity is not just technology. Quite the opposite. Here we identify organizational risks and solve them through adapted processes or other organizational measures.

hack-mi.net Bootcamp

Hacking Lectures

Cybersecurity Consulting

OSINT Threats

Organizational

Adversary

We offer internal and external penetration tests and security assessments of your software and web applications.

Adversary GmbH

Penetration Testing and IT Security Consulting by Adversary GmbH

Incident?

Please have answers to the following questions ready:

I can help you. In incident response, I support you both technically and organizationally in resuming operations.

Have you had a hacking incident in your company?

Together we create a rough map of your company. No technical knowledge needed.

1. Map

Using a list or a serious play card game, we enumerate concrete dangers against your company.

2. Dangers

The result is a list of concrete risks and measures in your company, based on which you can proactively start protecting your mission.

3. Measures

In 3 steps to the IT security concept

Together we will discuss how the hack-mi.net Bootcamp can help you.

"Under pressure, we do not live up to our expectations, but fall back to the lowest level of our training."

I fell for the same myths...

15GB of order data from the body manufacturer Gedia were published.

Corporate data published

Maersk had to rebuild its entire IT infrastructure from scratch in 2017.

Rebuilding infrastructure

Do you want to cooperate with a company that doesn't have good cybersecurity?

Loss of reputation

Rome wasn't built in a day, but it was burnt down in one.

The parent company of Travelex lost two-thirds of its market value due to a ransomware attack.

66% loss in market value

43% of cyberattacks target SMEs (Symantec)

We are too small

In 67% of the attacks, the attackers' motive was financial damage, so an impersonal motive.

Who would want to damage us?

Applications programmed years ago often still do not take into account today's security standards in development.

Everything is working fine

Companies often take refuge in one of the following myths:

I help SMEs with to their cybersecurity concept with just one bootcamp

My claim:

In a few hours, I help you go from "I don't know where to start" to "I have a plan". In the report, you will see exactly your next steps.

I help SMEs with just one bootcamp to their IT security concept

Hack mi net Bootcamp

Get your company tested now – before a ransomware group does it!

if the company had known about the vulnerabilities, for example through a penetration test, and handled them properly.

Many hacks could have been avoided –

After our penetration test...

Whether you like it or not – your company is continuously being tested

I test your company using the methods of cybercriminals

Based on your briefing, we try to gain as much insight as possible – and not just find one way in and quit.

The 'attack' is carried out

What should be tested? Where is the greatest risk in your company? Which methods should we use?

Initial conversation

In a report and a follow-up meeting, we clarify which vulnerabilities we found – and how they can be solved.

Findings

How do you get a penetration test? And how does it work?

In a penetration test, internal or external attackers are simulated to hack your company. But instead of damage and problems, you get reports and interesting insights from me.

Is there a specific scenario we should simulate? To whom should the emails go?

How often was clicked? How often was the reaction correct? What are the next steps?

We conduct the simulation.

In 3 steps you will know how successful a phishing attack in your company could be.

Gain clarity now – how easily will your company fall victim to phishing attacks?

If phishing mails are not recognized, the hacking attack continues – often until your company is encrypted!

Your team now knows what to do in an emergency

Action

You know how high the risk is that a real attack goes unnoticed.

Clarity

Your employees know how the attack would have been recognizable

Knowledge

With phishing simulations...

A boxer doesn't step into the ring hoping 'it won't hit him'.

I find out how easily your team can fall victim to phishing attacks.

Martin Haunschmid simulates real phishing attacks on your organization. Everything from the 'sprinkler principle' to targeted spear phishing attacks is possible.

I find out how easily your team can become victims of phishing attacks.

I am your sparring partner for phishing attacks

Phishing Simulations by Martin Haunschmid

I want this!

It's always a shame when a presentation on such an exciting topic fails to make an impact and can't engage the audience.

My presentations...

I deliver engaging and understandable presentations that will stay in your audience's memory.

Organizing an event has not become any easier lately.

I deliver engaging and understandable presentations that are memorable

I develop your individual presentation

What is the topic? May I use your company as a fictitious target?

Non-binding initial conversation

The presentation is held

You can get your keynote in the following 3 steps:

Exciting and engaging presentations and keynotes about IT security, hacking, and cybercrime for audiences ranging from laypeople to professionals.

You receive a manually created report

I conduct the scan

Get your Vulnerability Scan in 3 steps:

Get your infrastructure scanned now!

Proxyshell, Proxylogon, PrintNightmare...

After the Vulnerability Scan

I scan your infrastructure and find out if and how it is vulnerable.

As soon as a security vulnerability becomes public,...

How do you fare against automated attackers?

With a vulnerability scan, you can see how you fare against automated attacks, for example. What is public, what is vulnerable?

The 'Attack'

What should be tested? What's the technology stack?

Non-binding initial consultation

We'll deliver a report and help you and your team understand the implications and how to fix things.

Report

A test of an application works like this:

I want to have an application tested!

An insecure application can lead not only to data protection fines but also to successful attacks against the company – or even its customers.

You can better assess the work of external developers

Assess

Which security vulnerabilities exist in the application – and how to evaluate them.

Plan

With a penetration test of your application, you find out:

But instead of harming you, your company, or your customers, We help you close the found security gaps – so that hackers with criminal energy can't find them anymore.

We test your web application

Is Your Application Secure?

Does Your Software Product Have Security Vulnerabilities?

Through Black Box penetration testing, we examine your application as a 'real' attacker would. Can customer data be downloaded? Maybe even hack your company?

Penetration Test Web Application (Black Box)

What should be tested? What are the technologies used?

The source code is examined. I can verify findings on a test instance if desired.

The Test

A White-Box Test proceeds as follows:

I want to have my software tested.

An insecure application can lead to not only data protection fines but also to the hacking of the company – or its customers.

After the Code Review

Through Source Code Review, I find security vulnerabilities in your software.

Have you developed (or had developed) something critical for your company?