Penetration Tests

Penetration Tests

Penetration Tests

Assuming the role of an attacker, we test your devices, networks, services, and applications for vulnerabilities. Using social engineering and red teaming we test the behavior and processes of the whole organization. read more

Security Reviews

Security Reviews

Security Reviews

Experienced IT analysts support you with a second opinion on security concepts and if requested, test the structure, configuration, and source code of your solution. read more

Incident Response

Incident Response

Incident Response

Our experts help in coordinating incident and emergency measures as well as with the processing of data for use in court. Additionally, we provide quick and accessible research into the cause of incidents. read more

Security Trainings

Security Trainings

Security Trainings

Benefit from our analysts' knowledge of penetration testing, network analysis, digital forensics, secure mobile apps, and other applications, or choose to receive training in our specially created lab. read more

FileBox

FileBox

FileBox

FileBox is a solution for both secure file transfer and secure file storage. It provides you with the ability to securely exchange documents. read more

Hacking-Lab

Hacking-Lab

Hacking-Lab

Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. read more

CALENDAR

Welcome to SecTor

Canada's premier IT Security conference will take place in Toronto in October. With Compass Security, you can attend at a discount or even for free. Read more

ALL DATES

NEWS

Vulnerability in "The Scheduler" Plugin for Jira

Thierry Viaccoz has identified an XML External Entity (XXE) vulnerability in "The Scheduler" plugin for Jira. Read more

Vulnerability in the Email+ iOS Application from MobileIron

Sylvain Heiniger has identified a "Cleartext Storage of Sensitive Information" vulnerability in the MobileIron application Email+. Read more

Vulnerabilities in Universal Automation Center (UAC)

Michael Fisler and Felix Aeppli have identified vulnerabilities in the Universal Automation Center (UAC). Read more

ARCHIVES

Compass Security Blog

Privilege escalation in Windows Domains (2/3)

This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around. mehr

Privilege escalation in Windows Domains (1/3)

This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users. mehr

ZUM BLOG