Y-Security becomes One Year old – let’s celebrate!
In July 2021 we’ve announced the launch of Y-Security and the year has passed so quickly. Today, we’re looking back at what we have achieved and what the future will bring.
First of all, we would like to thank every single one of you – everyone who has read our blog posts, liked our articles and comment on our publications. Mostly we like to thank everyone of our new clients who made our Year-One-Ylights possible.
Our 2021 Vision
Y-Security was launched under different aspects, which included solving today’s most complex security challenges for our clients. That success is shown in our innovative service development which provides a holistic approach in the offensive security field. This was also acknowledged by the Gründerstipendium NRW which supports innovative business ideas in the area of North Rhine-Westphalia.
2021 – Our Ylights
We divided our service lines into Attack Simulations, Penetration Tests and Security Trainings and managed to perform all of those already in our first year. We still see a heavy demand for classic penetration testing on the German market, but also a rising interest in more advanced and tailored Attack Simulations exercises like Red Team. Throughout the year we have also noticed that our clients require more complex Penetration Testing assessments, which no longer target a single asset, but assets collaborating with each other.
As you can imagine, we have spent a lot of time, effort and money in our first year to build up the basics for our consultancy services. For example, we have created:
- A fully transparent testing approach which leaves no open questions to our clients
- Customized methodologies based on existing and industry proven frameworks
- A fully fledged reporting and note taking system which integrates those methodologies
- A fully automated setup to create customer unique testing environments for Penetration Tests and Attack Simulations
- Innovative new services like the “Practical Table-Top” or “Threat Simulation – Mimicking an APT”
With Y-Security we have transparency in mind and throughout the year we have confirmed that transparency is the factor to success. Those who have seen our company introduction support our vision – If you haven’t seen it, please let us know.
Besides providing our services to clients we also took time for ourselves to contribute to public projects, keep up to date with the latest in information security and work on the challenges in a startup. Highlights and hot topics have been:
- Speaking with national and international TIBER representatives
- Being one of the first to master the PortSwigger Certification Program
- Publishing security weaknesses within Microsoft Teams and Azure as well as further (not publicly disclosed) vulnerabilities to other vendors and projects
- Performing offensive security consultancy in critical environments (KRITIS)
- Helping clients to identify critical vulnerabilities en-scale quickly after the public release of the issue
2022 – More Ylights to come
This has just been year one of Y-Security and our journey. We are looking forward to the next year when we can celebrate with even more clients, friends and employees. Stay tuned and always ask Y.