White Paper
You want to know more about our services and our approach in detail? In our white paper, you will find an in-depth description of how we will perform a test in your company, which tools we are going to use, and which circumstance are necessary in order to realize an efficient and successful security assessment. If you would like to receive our white paper in print, do not hesitate to send an e-mail to info@syss.de, including your name and postal address.
SySS Responsible Disclosure Policy: Research and Responsibility
SySS GmbH deals with security issues in a responsible way. In the form of a security advisory, we report security vulnerabilities which are not in products of our customers and which are not excluded from public disclosure due to contractual agreements with vendors.
The security advisory contains detailed information about the found vulnerability that allows the vendor to reproduce and further investigate the reported security issue. Vulnerabilities will be disclosed to the public if a solution was published by the vendor or 45 days after the initial report by SySS GmbH, regardless of the vulnerability status, for example if there is a patch or workaround from the affected vendor. In well-founded, exceptional cases, this standard procedure may not be followed and an alternative, adjusted publication schedule will be negotiated with the vendor.
The goal of our Responsible Disclosure Policy is, to weigh up the need of the public to know of security vulnerabilities against the vendor’s time to remedy all security issues effectively. The final publication schedule will be based on the best interests of the community overall, considering both positions. Prior to the responsible disclosure of a security vulnerability, SySS GmbH gives vendors the opportunity to analyze reported security issues, develop effective countermeasures, and test them thoroughly.
A presentation by Senior Expert IT Security Consultant Matthias Deeg, DeepSec 2022, November 18, 2022
A presentation by Senior IT Security Consultant Oliver Schwarz, DeepSec 2022, November 17, 2022
A presentation by Senior Expert IT Security Consultant Matthias Deeg, BruCON 2022, September 30, 2022
A presentation by Expert IT Security Consultant Adrian Vollmer, TROOPERS22, June 29, 2022
A presentation by Senior Expert IT Security Consultant Matthias Deeg, CONFidence 2022, June 7, 2022
An article by IT Security Consultant Moritz Bechler
An article by IT Security Consultants Matthias Deeg and Gerhard Klostermeier
An article by IT Security Consultant Vladimir Bostanov
An article by Senior IT Security Consultant Christoph Ritter
A presentation by Moritz Abrell, #Hacktivity2020, Online, October 9, 2020
A presentation by Matthias Deeg, #Hacktivity2020, Online, October 10, 2020
An article by IT Security Consultant Moritz Abrell
A presentation by Matthias Deeg and Gerhard Klostermeier, t2 infosec conference, Helsinki, October 24, 2019
A presentation by Matthias Deeg and Gerhard Klostermeier, hack.lu 2019, Luxembourg, October 22, 2019
A presentation by Matthias Deeg and Gerhard Klostermeier, CONFidence, Krakow, June 4, 2019
An article by IT Security Consultant Moritz Bechler
A presentation by Matthias Deeg, #Hacktivity2018, Budapest, October 13, 2018
An article by Matthias Deeg and Gerhard Klostermeier about "Bluetooth Trust Relationships"
Leveraging PowerShell to Execute Arbitrary Shellcode. An article by Dr. Adrian Vollmer
An article by Matthias Deeg and Gerhard Klostermeier
An article by IT Security Consultant Alexander Straßheim and SySS Managing Director Sebastian Schreiber.
An article by IT Security Consultants Matthias Deeg und Gerhard Klostermeier
An article by Senior IT Security Consultant Finn Steglich
An article by IT Security Consultant Dr. Adrian Vollmer
A presentation by Matthias Deeg und Gerhard Klostermeier, Ruxcon 2016, Melbourne, October 23, 2016
How to Bypass the Password-Based Authentication for Unloading Kaspersky Endpoint Security 10 for Windows and other Endpoint Protection Software Products as a Limited User, an article by Matthias Deeg and Sven Freund
A presentation by Matthias Deeg
BSidesVienna 0x7DF, Wien, November 21, 2015
A presentation by Matthias Deeg, DeepSec, Wien, November 19, 2015
A presentation by Micha Borrmann, Hacktivity, Budapest, October 10, 2015
A presentation by Matthias Deeg, BSidesVienna 0x7DE, Wien, November 22, 2014
Presentation by IT-Security Consultant Micha Borrmann, Hacktivity, Budapest, October 10, 2014
An article by Matthias Deeg, Sebastian Nerz and Daniel Sauder
An article by Matthias Deeg and Sebastian Schreiber
A presentation by Micha Borrmann, Positive Hackdays (PHDays), Moskau, May 30/31, 2012
A security vulnerability in the software component McAfee Security Agent, which is part of the antivirus software McAfee VirusScan Enterprise, can be leveraged in attacks against corporate networks. An article by Matthias Deeg and Sebastian Schreiber
An article by Christian Eichelmann and Sebastian Schreiber (available in English and German)
The SySS GmbH cracked a hardware-encrypted FIPS 140-2 certified USB flash drive from SanDisk. An article by Matthias Deeg and Sebastian Schreiber (available in English and German)
An article by Sebastian Schreiber
DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number
DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de
OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number
GET IN TOUCH
+49 (0)7071 - 40 78 56-0 or anfrage@syss.de
OUTSIDE REGULAR OFFICE Hours
+49 (0)7071 - 40 78 56-99
As a framework contract customer please dial the provided on-call service number