A well-established tradition for the usd HeroLab and a great end to the year: from December 27 to 30, 2019, more than 20 HeroLabbers attended the four-day 36th Chaos Communication Congress in Leipzig, Germany. The largest hacker conference in Europe, …
In the era of digitalization, the question of whether systems and applications are effectively protected from attackers is business critical for many companies. The right choice of analysis methods is just as relevant as is choosing a competent partner. In …
Code Review – the Supreme Discipline of Security Analyses Businesses today invest a lot in a wide range of security measures to protect their infrastructures from attacks. These include working with certified vendors, ensuring secure business operations, training employees to …
Vulnerability Disclosure usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the Bitbucket, PhpSpreadsheet and XClarity. The following vulnerability classes were identified: Broken Access Control XML External Entity (XXE) Processing In accordance with usd …
In addition to university courses, the usd HeroLab training program „Become a HeroLab Professional“, or “Become a HeroLabber” for short, is another investment in qualified young talent by usd AG. Experienced usd HeroLab security analysts systematically prepare the students of …
Around 60 colleagues of usd HeroLab attended the latest two-day team workshop at CST Academy. In addition to expert presentations on various topics, such as special penetration testing techniques on Windows systems, they discussed current best practices and engaged in practical …
usd Herolab proudly presents the Cyber Security Transformation Chef (shorthand CSTC), which is a Burp Extension for various input transformations. It implements a generic way to replace the need for numerous specialized extensions. Why another extension? There is always the …
We are excited to present one of our in-house developments at DEF CON 27 – the CST Chef. Our Heroes and developers Sebastian Puttkammer and Ralf Almon, Managing Consultants at usd HeroLab, have taken a brief moment to say some …
by Stefan Schmer, Managing Consultant Security Analysis & Pentests, usd AG. Vulnerability Disclosure usd AG penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products Adobe Experience Manager (AEM), Bitbucket, feeling4design Super Forms and Oracle …
Cyber Security Transformation Chef (CSTC) Convinced Jury As one of the largest international IT security conferences worldwide, DEF CON once again brings together the world’s leading IT security experts in August. We are happy to announce that we will be …
