The Digital Operational Resilience Act (DORA) will apply as of January 17, 2025. In addition to routine operational resilience testing, DORA will...
Pentests & Security Analyses
Security Advisory on Gambio
The pentest professionals at usd HeroLab examined the online shop software Gambio during their pentests. The software offers merchants various...
Hacker Contest Winter Semester 2023/2024: 29 Students. 14 Vulnerabilities. 1 CVE. Countless Practical Insights.
Practical knowledge is often neglected during studies - but not for students at TU Darmstadt. In the winter semester, Matthias Göhring, Tobias...
Connect and Go: The usd OrangeBox Makes Preparing for Remote Pentests Easy
A penetration test or pentest provides answers to the question of whether attackers can penetrate your IT infrastructure. There are two ways in...
Top 3 Vulnerabilities in Mobile App Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
The Surprising Complexity of Finding Known Vulnerabilities
IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and...
Secure or Not Secure, That Is the Question: “Cyber Security Assessments in Practice” at TU Munich
What are the different types of cyber security assessments? Why do companies undergo such security assessments? And how exactly does it work? Nico...
Security Assessment at All Levels: Pentest and Cloud Security Audit at Deutsche Fiskal
The need for a pentest is often driven by compliance requirements. However, in many cases, a pentest alone is not enough to make a reliable...
Pentest of Virtualized Applications (Citrix Breakout Test)
Many companies use application virtualization, such as Citrix, to deploy their software on client devices without a local installation. This allows...
Security Advisories for Gibbon Edu
The pentest professionals of the usd HeroLab have analyzed the open source educational software Gibbon Edu during their pentests....
Security Advisories for SuperWebMailer
The usd HeroLab analysts examined the newsletter management tool SuperWebMailer while conducting their security analysis. During the...
Security Advisory for Contao
The usd HeroLab analysts examined the Contao content management system while conducting their security analysis. It is an open source software that...