What our clients say

Hannover Re

»The customer-oriented consultants of softScheck GmbH successfully supported us during the threat modeling of a Java EE application.«

Stefan Krecher
Software Engineer, IT-Business Solutions

Storz Medical AG

»It was a really very good and pleasant cooperation with your colleagues. I had a lot of fun!«

Axel Koch
Developer

Sofort GmbH

»softScheck’s customer-orientation is characterized by a high sense of responsibility towards the customer. The consultants were personally available to answer questions even after the security tests were completed.«

Jens Heddrich
IT-Security Officer

Latest Blog Post

Zammad Helpdesk Zero-Day-Vulnerability

Jul 21, 2022

During a security test at one of our customers, we came across a web application with integrated helpdesk software. In this context, we identified a critical zero-day vulnerability in Zammad's software. This existed because Zammad did not perform authorization correctly for certain attachment endpoints. This would allow an unauthenticated attacker to gain access to all attachments -- such as pictures, emails or other attached files. In this blog post, we describe how the vulnerability was identified and exploited, as well as what caused it

Read Article

Clients and partners

Storz Medical AG
netcologne logo
fsp logo
it-sa
ISA
Allianz für Cyber-Sicherheit
GI
infoteam
bitkom logo
Johner-Institut
Berlin University of Digital Sciences
nrw units
privacy one
KVW