What our clients say

SSV Software Systems GmbH

»We had our IGW / 922 VPN remote access gateway router tested by the IT security experts of softScheck, using both penetration testing and the fuzzing of specific network interfaces. We would like to thank softScheck for their excellent work and will continue to rely on them in the future.«

Klaus-Dieter Walter
CEO

Sofort GmbH

»softScheck’s customer-orientation is characterized by a high sense of responsibility towards the customer. The consultants were personally available to answer questions even after the security tests were completed.«

Jens Heddrich
IT-Security Officer

Hannover Re

»The customer-oriented consultants of softScheck GmbH successfully supported us during the threat modeling of a Java EE application.«

Stefan Krecher
Software Engineer, IT-Business Solutions

Latest Blog Post

Zammad Helpdesk Zero-Day-Vulnerability

Jul 21, 2022

During a security test at one of our customers, we came across a web application with integrated helpdesk software. In this context, we identified a critical zero-day vulnerability in Zammad's software. This existed because Zammad did not perform authorization correctly for certain attachment endpoints. This would allow an unauthenticated attacker to gain access to all attachments -- such as pictures, emails or other attached files. In this blog post, we describe how the vulnerability was identified and exploited, as well as what caused it

Read Article

Clients and partners

Storz Medical AG
netcologne logo
fsp logo
it-sa
ISA
Allianz für Cyber-Sicherheit
GI
infoteam
bitkom logo
Johner-Institut
Berlin University of Digital Sciences
nrw units
privacy one
KVW