softScheck | we identify vulnerabilities others don't

About softScheck

Prof. Dr. Hartmut Pohl
CEO

softScheck supports you in methodically developing secure software and firmware – based on recognized industry guidelines such as ‘ISO 27034 Application Security’ and the OWASP Software Assurance Maturity Model or Secure Software Development Life Cycle (S-SDLC, Microsoft).

Our core competencies range from Security Requirements Analysis, Threat Modeling, Static Source Code Analysis, classic Penetration Testing and Fuzzing and Security Testing to Compliance Testing.

In addition, we perform certified Security Test services as an audit partner of TÜV Saarland and DEKRA.

Learn more

News

Model-based Security Engineering for Secure Systems Development - An approach for Software Engineering

softScheck is one of the 25 hottest IT-security companies

Smart Building Security: Nothing is as it seems
Interview with Prof. Dr. Pohl
softScheck is listed in the Siemens Hall of Thanks

Latest Publication

What about Security in DLT, blockchain and components like dApps, smart contracts, wallets, frameworks?

Download PDF

All Publications

Latest Blog post

Testing the “Netatmo Welcome” Smart Camera – Hardware Hacking

Netatmo Welcome is a smart camera, which is capable of recognizing faces, streaming recordings into the cloud or alertin...

Read Article

All Blog Posts

What our clients are saying

"As long as I require penetration testing, I will be a client of softScheck."

“softScheck’s customer-orientation is characterized by a high sense of responsibility towards the customer. The consultants were personally available to answer questions even after the security tests were completed.”

Jens Heddrich, Sofort GmbH

IT-Security Officer

“The customer-oriented consultants of softScheck GmbH successfully supported us during the threat modeling of a Java EE application.”

Stefan Krecher, Hannover Re

Software Engineer, IT-Business Solutions

“The experienced consultants of softScheck have given us valuable impulses for the architecture and design of our Java applications by implementing a threat modeling as well as their practical implementation within the framework of our Secure SDLC.“

Volker Kossack, InterComponentWare AG

Manager Software Engineering

All references

Security Testing as a Service

Everybody is talking about attacks on IT systems and trying to recognize them. A completely wrong strategy!
Actually vulnerabilities are the root of all evil. Attacks are only successful if they can exploit a vulnerability. Therefore:

No successful attack without a vulnerability!
Only software products without vulnerabilities are really secure!

Let us improve your security: softScheck identifies Zero-Day-Vulnerabilities in every type of software and hardware. We offer „Security Testing as a Service“ in form of a holistic process.

softScheck secures your software, firmware, apps and systems, Networks, Server, Router and Gateways and also Blockchains, Smart Contracts, Wallets, dApps, DLT etc. In IoT/Industrie 4.0, SCADA and in general.