News
NIS-2: The Most Important Takeaways from the German Implementation Act
The law implementing the NIS-2 Directive aims to transpose the requirements of the European NIS-2 Directive into the German legal system. On May 7,...
Security Advisory on WeKan
The pentest professionals at usd HeroLab examined the open source application WeKan during their pentests. This application offers users a solution...
Top 3 Vulnerabilities in Fat Client Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
DORA Deep Dive: Threat-Led Penetration Testing (TLPT)
The Digital Operational Resilience Act (DORA) will apply as of January 17, 2025. In addition to routine operational resilience testing, DORA will...
Security Advisory on Gambio
The pentest professionals at usd HeroLab examined the online shop software Gambio during their pentests. The software offers merchants various...
What Does “Periodically” Actually Mean? PCI DSS v4.0 Specifies Timeframes
“Promptly”, “quarterly”, “periodically”: Many PCI DSS requirements demand that measures be implemented within a specified timeframe. While version...
Information Security in Third-Party Risk Management: How to Set Up a TPRM Program
Companies often work with a large number of service providers in order to be able to concentrate on their core business or save costs. For this to...
Break Down Prejudices, Empower Women. We Participate in Girls'Day 2024
Approximately a quarter of our usd Heroes are female. Even though that is above the average for our industry, we are convinced that there is still...
Hacker Contest Winter Semester 2023/2024: 29 Students. 14 Vulnerabilities. 1 CVE. Countless Practical Insights.
Practical knowledge is often neglected during studies - but not for students at TU Darmstadt. In the winter semester, Matthias Göhring, Tobias...
Connect and Go: The usd OrangeBox Makes Preparing for Remote Pentests Easy
A penetration test or pentest provides answers to the question of whether attackers can penetrate your IT infrastructure. There are two ways in...
Top 3 Vulnerabilities in Mobile App Pentests
During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to...
Security Advisories for SONIX and SAP
The pentest professionals at usd HeroLab examined SONIX Technology Webcam and SAP Fiori Sample Shop during their pentests. Our professionals...