Stay healthy!

Dear business partners,

our Business Continuity Plan enables the execution of all our activities: For this purpose, our employees have split up into several teams working in separate locations. Some of them work isolated in their home office. Our office is also occupied. Our business operations are running at 100 %

Please feel free to communicate by e-mail - with your responsible security consultant or to We will also gladly call you back!

Through these measures we protect our customers and our employees and guarantee you a consistently high security level. All promised deadlines are met.

Yours sincerely
Prof. Dr. Hartmut Pohl

About softScheck

Hartmut PohlProf. Dr. Hartmut Pohl

supports you in methodically developing secure software and firmware – based on recognized industry guidelines such as ‘ISO 27034 Application Security’ and the OWASP Software Assurance Maturity Model or Secure Software Development Life Cycle (S-SDLC, Microsoft).

Our core competencies range from Security Requirements Analysis, Threat Modeling, Static Source Code Analysis, classic Penetration Testing and Fuzzing and Security Testing to Compliance Testing.

In addition, we perform certified Security Test services as an audit partner of TÜV Saarland and DEKRA.



A new workshop:

Identifying Vulnerabilities in Systems – Basic Cyber Security (free of charge)
An overview about more workshops can be found here

Model-based Security Engineering for Secure Systems Development - An approach for Software Engineering
Smarter World Produkt des Jahres 2019 Smarter World price for the product of the year goes to .

Latest Publication

The 10 most common security vulnerabilities in medical devices

Security Testing Medical Devices (Software and Hardware)

Download PDF

Latest Blog post

How to use an undocumented ILIAS version 4.x, <5.0.21, <5.1.17, <5.2.3 security vulnerability to gain RCE

ILIAS is a free and open source learning platform which can be used to create and distribute web-based teaching and le...

Read Article

What our clients are saying

"As long as I require penetration testing, I will be a client of softScheck."

„It was a really very good and pleasant cooperation with your colleagues. I had a lot of fun!“

Axel Koch, Storz Medical AG
Software Development

“softScheck’s customer-orientation is characterized by a high sense of responsibility towards the customer. The consultants were personally available to answer questions even after the security tests were completed.”

Jens Heddrich, Sofort GmbH
IT-Security Officer

“The customer-oriented consultants of softScheck GmbH successfully supported us during the threat modeling of a Java EE application.”

Stefan Krecher, Hannover Re
Software Engineer, IT-Business Solutions

Security Testing as a Service

Everybody is talking about attacks on IT systems and trying to recognize them. A completely wrong strategy!
Actually vulnerabilities are the root of all evil. Attacks are only successful if they can exploit a vulnerability. Therefore:

Let us improve your security: identifies Zero-Day-Vulnerabilities in every type of software and hardware. We offer „Security Testing as a Service“ in form of a holistic process.

secures your software, firmware, apps and systems, Networks, Server, Router and Gateways and also Blockchains, Smart Contracts, Wallets, dApps, DLT etc. In IoT/Industrie 4.0, SCADA and in general.



Embedded Software Engineering Kongress digital
Vortrag mit dem Titel "How to Open Locked Doors with an RFID Multi-Tool"
Workshop: Sicherheitslücken identifizieren – Cyber Security Grundlagen
Werfen Sie einen offensiven Blick auf die Sicherheit Ihrer Systeme: In diesem Cyber Security Workshop schulen zwei erfahrene softScheck Penetration-Tester die Teilnehmer und identifizieren die Sicherheitslücken – auch bisher nicht-veröffentlichte Zero-Day-Vulnerabilities, empfehlen Gegenmaßnahmen und erläutern die Bedeutung von Sicherheitstests mit mehreren Methoden.
Workshop: Entwicklung sicherer Software – ISO 27034
Einfacher Start in den Security Testing Prozess und beispielhafte Integration der ISO 27034 in den Kunden-eigenen Entwicklungsprozess.
All Events

Customers and Partners

Storz Medical AG
netcologne logo
fsp logo
Allianz für Cyber-Sicherheit
openlimit logo
bitkom logo
Berlin University of Digital Sciences