The way we work

Proven approach

International standards and many years of experience form the basis of our process model, which guarantees efficiency and quality. NIST SP800-115 specifications, PCI DSS requirements and recommendations of the German Federal Office for Information Security (BSI), the Open Web Application Security Project (OWASP) and the Open Source Security Testing Methodology Manual (OSSTMM) are taken into account. Our Pentest Service Management supports you throughout your entire pentest project.

Efficiency & quality

The high degree of automation of our processes and the excellent know-how of our security analysts guarantee the high quality of our work. We use tools developed in-house and quality assured as well as tools from internationally recognized manufacturers. This allows our security analysts to carry out their tests even more efficiently and comprehensively and leaves time for targeted, manual analyses.

Highest demands on our competence

The consitently high quality of our work requires structured and efficient introduction of employees to our processes and tools. To this purpose, our best security analysts and forensic experts have developed the HeroLab Onboarding Program over the recent years. At the end of this program, there is a comprehensive final examination with the highest demands on methodical ability, creativity and endurance in a market comparison: the “usd HeroLab Certified Professional”, UCP for short. Only those who achieve this certification work independently in customer projects. Through these high requirements and our continuous improvements to the program as part of our quality management, we guarantee excellent results for our customers.