Notes: The CRYPTRON Security GmbH website does not use cookies. No session or user cookies are created when visiting the website. Cookies are small text files that can be stored in a user's Internet browser via a website. Cookies are only created when administrators make adjustments to the CMS. Cookies do not cause any damage to your computer and do not contain viruses. By using this website you agree to the processing of statistical data about you by Google (Google Analytics). We occasionally run marketing campaign with support of Google Analytics for evaluation. You can disable the use of cookies at any time through the settings in your browser. As a rule, cookies are used only for the duration of your session for the purpose of anonymous, static assessments and to improve the user experience on our website. By clicking "OK", you agree to the storage of cookies on your device, which will be used to improve website navigation, analyze website usage and optimize our marketing efforts.

More Information
Info

Cryptron EN

Search

Our offers

Overview of the CRYPTRON service portfolio

CRYPTRON Security divides its service portfolio into three main categories. The list of our services listed below shows an excerpt of our fields of activity with which we competently advise our customers. More detailed information about our services, we can explain you in a non-binding consultation.

CONSULTING

We expand your business and minimise risks

Our advice in the field of information security is based on many years of proven practical experience. These empirical values ​​are an advantage in the area of ​​conceptual work, evaluation and planning of your safety measures and individual needs.

Our offers

  • Safety security strategies and conception
  • Reviews, product-neutral second opinions
  • Support of procurement projects
  • Support of security related projects
  • Modelling of risks according to IT-Grundschutz (BSI)
  • IT risk assessment according to ISO/IEC 27005:2018
  • Assessment according to NIST 800-53 or SANS CIS Controls
  • ISMS framework according to ISO/IEC 27001
  • Internal control system (ICS), control models according to COSO or COBIT
  • Vulnerability management with open source threat intelligence feeds
  • Data protection impact assessments (PIA) according to GDPR

AUDIT AND TESTING

We check your security arrangements

An in-depth IT security audit in the form of an audit or penetration test serves as a basis for improving the overall security in a company. We identify weaknesses in systems, networks or complex web applications on behalf of customers. All safety tests are carried out according to a standardized procedure and can be adapted to customer requirements.

Our offers

  • Penetration Testing
  • Advanced Persistent Threat (APT) simulation
  • Web Application Security Audit according to OWASP ASVS
  • Mobile Security Audit according to OWASP Mobile Security Project
  • Network Security Audit (OSSTMM, PTES Standard)
  • Vulnerability based scan (external / internal)
  • Social Engineering / Phishing Audit
  • Cyber threat hunting
  • IT Forensic
  • Source Code Review
  • Secure Engineering (Windows, Linux, Unix, macOS)
  • IoT Security Testing
  • Cloud Security Assessments (AWS, Azure, Docker)

Processes

Security is not a state but a process

Information security usually depends on all process units in an enterprise organization. The variety of the process landscape can also affect the complexity and corporate strategy. The CRYPTRON security consultants have the necessary project experience to identify and evaluate critical processes in your company.

Our offers

  • DevSecOps and software development with SDLC and OpenSAMM
  • Conceptual review of critical processes
  • Strategic planning based on a SWOT analysis
  • Modeling Risks (Thread Modeling)
  • Conception on various topics with a focus on security (for example data protection concept)
  • Integration of DevOps and Source Code Analysis Tools (SAST & DAST)