Certitude continues strong growth
Certitude Consulting, the specialist company for cyber security founded in 2019, is continuing on its growth course with the massive reinforcement of its in-house team of experts. A total of six security specialists from the areas of IT infrastructure, IT governance, digital forensics, threat hunting, incident response, vulnerability analysis and penetration testing and cloud security strengthen the Viennese consulting company, which includes banks, insurance companies, industrial companies and public organizations in Austria, Germany, Switzerland, Luxembourg and Italy in IT security matters and supported on site in the event of cyber attacks.
Ulrich Kallausch, founder and one of the managing partners of Certitude Consulting, explains the significant increase in the team: “We are working in our core business areas to ensure the level of quality and the necessary confidentiality exclusively with our own employees. Certitude generally does not outsource projects by sourcing from partner companies, body leasing or engagement of freelancers.
Marc Nimmerrichter, also a founder and managing partner, sees the advantage of working exclusively in-house: “The high quality of our work is also due to the constant exchange within our teams. Our publications on vulnerabilities or security gaps in well known software products are internationally recognized and respected.”
He continues: “We are still looking for motivated, reliable and bright minds who enjoy challenges and have a great interest in cyber security.”
The new experts:
After studying business informatics and computer security, he worked as an experienced consultant in the design of secure IT infrastructures as well as data protection and information security management systems. At Certitude, the development of IT strategies and processes related to business continuity management are also part of his daily tasks. Another focus is IT governance, with the focus being primarily on conducting audits and designing processes based on relevant regulations, best practices and standards.
After studying computer and media security at the FH Hagenberg and before joining Certitude, he made his first professional experience at a Big Four consulting firm. He is a proven expert in offensive IT security topics such as penetration testing, red teaming and social engineering, as well as in defensive topics such as incident response, digital forensics and threat hunting. Giulian Guran holds related certifications. He recently uncovered a critical code execution vulnerability in the GridPro software as part of a Certitude project (CVE-2021-40371).
Roman Ferdigg has many years of experience in consulting for IT security. He is a specialist in software security and penetration testing (in particular pentesting Microsoft Active Directory environments) as well as in incident response and forensics. Ferdigg holds numerous certifications. He recently published an analysis of an attack on an Austrian company in which the attacker (probably accidentally) synchronized data with the victim’s system and so disclosed other attack victims (including large international companies and well-known brands).
is an information security professional with more than 20 years of experience in the industrial and financial sectors. From his many years as a security officer at industrial companies, banks and financial service providers, he was able to gain extensive experience in setting up and operating information security management systems as well as IT risk management and threat modeling. In addition, he has experience in the planning and operation of secure cloud solutions. As a member of Thales’ Data Security Council, he has contributed to the preparation of the Information Security 2025 report and has given several international presentations at security conferences in London and Prague.
Edwin Schönegger holds a Master of Science (MSc.) in IT Security. Previously, he was Head of IT and Information Security at a market-leading financial services company. He is a security expert with many years of experience in software development, information security, risk management and project management, and also has many years of management experience. Currently he is particularly active in the field of secure software development in an advisory capacity.
Schweitzer was previously in software development and the founder of a start-up. He has particular expertise in software security, cloud security and penetration testing of web applications. Apart from his technical expertise, he is very experienced in project organization and communication. At the largest European expert conference, the Chaos Communication Congress 2020, he spoke about new vulnerabilities in the web applications of mobile network operators.