SEC Consult

SEC Consult is a Vienna-headquartered Austrian cybersecurity consultancy founded in 2002, providing comprehensive penetration testing and security advisory services across the DACH region, broader European market, and internationally, with offices in Austria, Germany, Singapore, and other locations.

The company is known for its deep technical expertise and vulnerability research program, having discovered and responsibly disclosed hundreds of vulnerabilities in widely used software products, particularly in embedded devices, IoT systems, and enterprise applications. SEC Consult's services include web application penetration testing, network testing, mobile application testing, IoT and embedded device security, red teaming, and source code review. Their Vulnerability Lab has published research on critical vulnerabilities affecting millions of devices worldwide, demonstrating the caliber of their technical team.

The company follows OWASP, OSSTMM, and PTES methodologies and holds ISO 27001 certification. SEC Consult serves enterprise clients across financial services, telecommunications, manufacturing, and government sectors, with particular expertise in European regulatory compliance including GDPR, NIS 2, and DORA. Their consultants hold certifications including OSCP, OSCE, CREST CRT, and CISSP.