Services

Security Consulting, Auditing & Penetration Testing

Detack GmbH specializes in providing coverage in all aspects of IT security auditing – from basic penetration testing to advanced application layer auditing and up to organizational level – IT security policy assessments, security guidelines evaluation and management consulting. The service is customizable to fit the particular needs of the client.

In order to provide the best quality of service, the auditors perform vulnerability detection and research manually, thus ensuring full understanding and evaluation of security implications, and preventing any damage caused by automatic testing tools. Adding human creativity and reasoning to the testing procedures recreates real-world scenarios and guarantees a complete assessment.

The auditing services provided by Detack GmbH are modularly structured, depending on target type, complexity, perspective and layer, drawing on the previous experiences and scenarios already tested. For each client, Detack finely tunes and prepares customized auditing packages determined by the particular perspective and targets intended for analysis. As such, for specialized auditing, modules are combined and extended for the best coverage.

The IT security services provided by Detack cover various domains, such as:

Product Security Assessment

Detack has more than 18 years of experience in identification of product specific security flaws, development mistakes, design errors, as well as backdoors in computer hardware and software. Covering both vendor solutions and custom or self-developed applications, this is the professional service most sought-after by Detack’s customers.

Security Product Development

Based on the experience and know-how accumulated through auditing and consulting projects, Detack provides development of custom, environment or application specific security solutions, covering a wide range, from retail banking to IoT environments and IT security automation solutions.

Incident Response

By assisting customers to react to attacks, contain IT security incidents, take immediate recovery measures, and follow up with technical investigations, Detack enables customers to minimize the impact of IT security incidents, take legal action, and understand and prevent such events from occurring again.

Anti-Surveillance

Finding intentional or unintentional IT security-related issues that enable the extraction or leakage of personal or corporate information, with a strong focus of IoT, mobile communications / smart phones, automotive, and telematics industries.

Specific Areas of Expertise

IT SECURITY AUDITS & CONSULTING

Detack covers all requirements of an IT security audit – from general penetration tests to in-depth analysis of the application layer and the organizational layer. These services are accompanied by the evaluation of the IT security policy and security guidelines as well as management consulting.

Besides the common range of professional IT security audit and consulting services, Detack is the accepted partner for specific, highly sensitive or difficult to address domains.

MAINFRAME & MIDRANGE SYSTEMS

Detack is the leading German supplier of professional security audits, consulting, and penetration testing for IBM mainframe and midrange systems, counting some of the largest installations amongst its reference customers.

IOT & INDUSTRIAL SYSTEMS

Having developed specialized knowledge in niche areas such as embedded electronics, mission critical systems and complex automation / industrial systems, Detack provides complete IT security services in testing, consulting and development in the IoT area, ranging from mobile communications, telematics, to large industrial installations, avionics, telecom operators, critical infrastructure, to big data and distributed management networks.

ATMS, RETAIL BANKING & FINANCIAL SYSTEMS

Endorsed and certified by ATMIA (ATM Industry Association), Detack is the leading supplier of professional IT security services for retail banking, core banking, online banking, cash and payment processing systems. The largest German banks and ATM networks are already clients of Detack for securing their ATM and POS networks.

Industry Solutions

sign IA is a suite of components offering real and secure Single Sign-On with implementation of Windows Logon. It integrates single, multiple and multi-factor-authentication sources using logon tickets. The authorized users get automatic access with Windows Logon (Kerberos) to all connected applications. A manual entry of further credentials is not required.

The integrated Web Security Gateway (GW) securely seals off the applications against attackers. As a result, only authenticated and authorized users get access to sensitive company and customer data.

Security Management

Complex environments in particular have to meet high security requirements, which must comply with various regulations (security laws, company requirements, BSI standards, etc.).

COSMO (Continuous Object-based Security Management Operations) documents in detail the implementation of security measures through security templates and provides both a central overview of the current status of implementation as well as documentation on past stages.

It thus serves the management as evidence of the measures taken and supports the operational level in the implementation of possible solutions.

ATMs & Retail Banking

Endorsed and certified by ATMIA (ATM Industry Association), Detack is the leading supplier of professional IT security services for retail banking, core banking, online banking, cash and payment processing systems. The largest German banks and ATM networks are already clients of Detack for securing their ATM and POS networks.