Provider Profile


Im Mediapark 5 50670 Köln

About SevenShift

SevenShift is a boutique security consulting firm with a focus on Cybersecurity, IIoT and IoT. Our experience in security testing, design, and implementation has helped us provide security solutions for many organizations. Through our services, we help companies to improve and secure their business and products.

What Differentiates Them From Competitors?

Our extensive experience in testing IoT devices and ecosystems has given us a thorough understanding of the challenges and dangers faced by these systems. We have tested numerous devices and ecosystems over the past few years, giving us the ability to identify and address issues before they become a problem for our clients. Our team holds industry-recognized certifications in cybersecurity.

Top Capabilities

Audits / Security Certification Services
Preparation and implementation of audit requirements (e.g. ISO27001, IEC 62443, or similar)
Cloud Native Security / CNAPP
Cloud-Native Application Protection Platform (CNAPP) is a cloud-native security model that encompasses Cloud Security Posture Management (CSPM), Cloud Service Network Security (CSNS), and Cloud Workload Protection Platform (CWPP) in a single holistic platform.
Offensive Security (e.g. Penetration Testing)
Ethical hacking to identify weaknesses in the IT landscape of a company, e.g. with penetration tests.

Top Industries

Automotive & Supplier Industry
Telecommunications & Information Technology
Utilities & Energy


security-by-design for IoT platform
Leading mobile and IoT provider in Europe
Security Testing and secure-by-design consulting
Support the dev and evolution of the platform through the Secure-by-design process, SevDevOps, and security testing. Aim: a secure solution from the start instead of bolting in on before go live
Pentest of Mobile Applications
Leading mobile and IoT provider in Europe
Pentesting of mobile applications
Our team has successfully delivered a pentest for the flagship mobile application for a mobile provider in Europe. The engagement was performed with a mix of manual and automated security testing.
External network pentest
Automotive part manufacturer in the USA
External network penetration testing
Apart from identifying and exploiting OWASP Top 10 vulnerabilities, a phishing campaign was performed as well. The initial intrusion was followed by lateral movement until a full domain compromise

All Capabilities

Application Security
Cloud Security
Code Scanner
Data Protection
Incident Response
Mobile Security
Network Security
Penetration Testing
Product Security
Risk Scoring
Security Architecture
Security Consulting
Security Testing
Strategy & Advisory
Vulnerability Management
Vulnerability Scanner

Provider Contact

Pablo Endres
Managing Director