Competencies

Website Security Services: We Protect Your Web Application

We plug security holes and resolve vulnerabilities of your web application. Our website security services guarantee availability, integrity and confidentiality of information. We offer security consulting services and protect web applications against the cyber-attacks listed in the OWASP Top 10. We keep our systems up to date and are ISO 27001 certified – for maximum security in the digital world.

Consulting Services: We Find the Right Balance between Information Security And Data Protection

There is no standard solution or even a standard procedure for companies where security is concerned. That is why we offer the full range of security consulting services, from CISO-as-a-Service to risk management and website security checks. We work together to find the right balance between information security and data protection for your processes and applications.

CISO-as-a-Service

  • We can help you assess how your ICT is performing in terms of information security and data protection under Swiss or European Data Protection Regulation (GDPR). Assisted by our tools, you will quickly be provided with a gap analysis or maturity assessment of your organizational processes and functions.
  • We can advise you throughout the process of introducing and implementing a systematic information security management system – in accordance with ISO 27001:2013, for example.
  • We can support you in meeting new compliance requirements under international standards or laws (for example, ISO 9001) and can integrate these into your Internal Control System (ICS).

Learn more about our security audits.

Free Website Security Check

Our website security check can help you improve the security and performance of your web application. Our report provides you with specific practical measures and identifies risks. If you wish, we can also compare your website’s security with that of a competitor or partner. This enables us to provide you with even more specific suggestions for improvement. Try it out for yourself now.

Order a free report today.

Protected From Attacks: We Guarantee Availability and Ensure Secure Data Traffic

DDoS Attacks: We Guarantee Availability

We protect our clients from distributed denial-of-service attacks (DDoS attacks). These are attacks aimed at blocking a service or server. During a DDoS attack, a requested service or client is no longer available or only available to a limited extent. Financial losses, a damaged reputation, dissatisfied users and data theft are some of the possible consequences.

We use Incapsula’s on-demand service to protect against Layer 3/4 DDoS attacks. Your benefits include:

  • On-demand protection against DDoS attacks up to 10 Gbit/s.
  • Guaranteed availability of 99.999%.
  • Extremely low latency.
  • Network traffic does not have to leave the EU; 9 locations in Europe and 29 across the globe route all network traffic in the event of an attack.
    The DDoS protection does not affect performance if no attack occurs.

Providing protection from DDoS attacks is part of our managed services offering. Learn more.

Web Application Firewall (WAF): We Stop Cyber Attacks

A web application firewall (WAF) examines all requests sent to a web server and its responses. Should the firewall detect any suspicious or dangerous patterns, it stops all further communication. Possible attacks include cross-site scripting, SQL injection, forceful browsing and cookie poisoning.

We use a WAF to fend off malicious data traffic on the application layer (Layer 7). We use the F5 Big-IP Application Security Manager (ASM) as a WAF – the leading product on the market. The service offers protection from the Top 10 threats identified by the Open Web Application Security Project (OWASP). The web application firewall enables us to take both a whitelist and blacklist approach.

WAF is part of our managed services offering. Learn more.

Let’s Encrypt Certificates: Protect Personal Data

  • Transport layer security (TLS): Transport layer security (TLS) is a protocol that protects personal data when users communicate with applications online. TLS ensures that unauthorized third parties can’t intercept or change the communication between user and client. Consequently, using TLS makes your website more trustworthy for users and adds integrity. Moreover, TLS prepares you for HTTP/2, ensuring you're ready for the future. Using transport layer security also means you rank higher in search engines like Google. We provide our managed services clients with free TLS certificates from Let's Encrypt. Learn more.
  • Domain Name Server (DNS): As part of our DNS service, we check all certificates for Certificate Authority Authorization (CAA) before they are issued. This means we can stop certificates being incorrectly issued by insecure certificate authorities (CA) in advance. Our DNS services are part of our managed services offering. Learn more.

Penetration Testing: Simulated Attacks to Prepare for Critical Situations

We carry out web application penetration tests with our partner wizlynx. We use real attack strategies to systematically uncover vulnerabilities. These vulnerabilities are either caused by the application itself or its relationship to the rest of the IT infrastructure.

Our Systems Benefit from Maximum Security Standards – Both for Us and Our Clients

Vulnerability Scanning: We Scan Our Systems Automatically for Security Holes

Security is our top priority. This is why we regularly scan our systems for vulnerabilities. Any vulnerabilities identified automatically generates a ticket and are fixed in the next patching process. Our vulnerability scanning is authenticated to prevent downtime and guarantee accurate results and practical recommendations.

We Are ISO 27001 Certified

Our private cloud hosting service has been certified to ISO27001:2013 since April 2018. The certification commits us to:

  • Systematically assessing information security risks, including threats, vulnerabilities and impacts.
  • Drafting and implementing information security controls and/or other forms of risk management (such as risk avoidance or risk transfer).
  • Introducing a comprehensive management process to ensure that information security controls continue to meet requirements.

Security Is a Matter for Experts. We Are Your Trusted Contact.

Learn More about Our Wide Range of Hosting Services

Managed Services

As a Managed Service Provider we host and maintain your web application on our servers.

Service Desk

Our Service Desk takes care of all your IT queries immediately and competently