Security is our Business
There is a simple reason why Global 2000 companies work with us: We are the specialists providing rock-solid know-how. Our teams are able to provide excellent results in a variety of fields, ranging from technical security tests to advanced research assignments.
We will address your individual needs and will tackle complex projects with utmost efficiency and reliability. Let us work for your advantage – Get in touch with us!
Are you ready?
Our experts will get in contact with you!
Results in Perfection
Results matter. We deliver facts and explain the possibilities they offer. This is the reason our experts get invited by conferences from all around the world to share their experience and knowledge. We are presenting the latest results from advanced research projects. That is the rerason why we are always a step ahead. That is important.
Interview in der Serie "A Women in AI"
Take a look behind the Curtain
Advanced details explained in Interviews
In a changing world, details are crucial. Technological progress and international exchanges make transitions even faster. Our specialists are well-established correspondents and interview guests for matters of information security, often shedding light on information that would otherwise be overlooked or misinterpreted.
More than 15 years pushing forward
Reliability and sustainability guarantee success
scip AG was founded in 2002 in the city of Zürich, Switzerland. The acronym scip stands for Security, Consulting, Information and Process. This should emphasize our focus on systematic consulting in information security. From there, it wasn’t long before our slogan Security is our Business cemented itself.
In order to tackle information security, we need to be able to recognize vulnerabilities. Thus, auditing served as a first tentpole of our company that had its first offices in Zürich’s Technopark. Apart from supporting open source projects, we started developing our own vulnerability scanning and exploitation framework in order to efficiently find and effectively exploit vulnerabilities.
Almost fifteen years ago, the IT landscape looked completely different and very few companies had realized the importance and use of being able to systematically assess risks. Since then, the industry has grown, as have we with our clients. During the early years of the company, two thirds of our work were in the financial sector. It was the first sector to – first because of their own agency, then because of legal reasons – recognize the risks in IT. This awareness has spread to other industries. Our international clientele works in all industries, from government to public offices to insurance, pharmaceuticals, chemistry and health to other areas of industry. Their demands are basically the same, but industry specific thinking becomes important when dealing with the unique needs or a client, which is a skill that we hone by supporting our clients.
We aim at long term solutions in all our endeavors, that might sound archaic. It became clear quickly that we would remain completely self-financed and stocks could only be in possession of our employees. This ensures that external stakeholders can’t influence us and we can maintain a maximum of flexibility in an industry that changes rapidly.
Due to this approach ideas, proof-of-concepts and prototypes can be developed without having to think of revenue. This conscious decision allowed us to encourage and drive internal and, later, public research and development. Among the results is our own vulnerability database that chronicles all vulnerabilities ever published, starting in 1979. The database serves as a knowledge base for our penetration testers and consultants and clients, partners, companies and the public use it to gain knowledge, understand attack vectors and reference vulnerabilities use.
Success of a company is dependent on its employees. Long term thinking is of course important in that regard as well and we aim for steadiness in order to keep personnel fluctuation as low as possible. We only employ full time employees and do not work with freelancers for security reasons. All our staff goes through security checks, which ensures a maximum of integrity.
Motivation for employees is gained by them having fun at work and facing new challenges frequently. Per week, they use a day to research own projects. They have developed methods and solutions that range from facilitating document creation to an internal system to safely exchange large files. Or they tackle research ordered by clients. Subjects such as drones, wearables and the Internet of Things remain areas of great interests among our clients and our staff. Information security is not limited to firewalls, viruses and patches. We live in the age of information and everything that uses electronic data is interesting to us.
The consequence of our continued research leads to a high number of publizised documents. We’ve published one such document a week for seven years now on our company blog. The number of clicks and the amount of feedback on it prove us right in our publishing efforts. Our employees go to international conferences, help organize them, hold talks or engage in panel discussions. This helps us remain on the cutting edge of time and technology, to recognize trends early on and to react to them. Some things have remained the same for 3000 years: Secrets want to be protected, necessitating cryptographic and steganographic tools. Others change on a daily basis such as attack vectors or geopolitical influences in the field of cyber security.
Our internal research division goes one step further. By exchanging information with co-workers, clients, partners, industry insiders and experts we aim to recognize future trends. We’re one step ahead, which leads to an immediate profit for our clients. The research division’s slogan isn’t Know the Future! for nothing.
Three years ago, we’ve started collecting our most exciting and most current research articles and publishing them in a printed book and making it available as an E-Book. We hope to give you a bit of insight into our daily work and that you have as much fun reading as we had researching and writing. We live in incredibly interesting times. And we should make use of them.
Publication of our best articles and papers as a book
Monthly released e-paper containing news and articles
Weekly published articles in our own research blog
Our Books are convincing
The best articles from one year of research
Foreword by the executive board addressing the anniversary edition
Foreword by Igor Brodnik, Chief Information Security Officer, Lonza
Foreword by Ivan Büchi, Head of Digital Office, Cantonal Bank of Glarus
Foreword by Pascal Adam, CISO, Parliament Services Switzerland
Foreword by Erwin Jud, Senior Security Engineer, SBB Infrastructure AG
Foreword by Candid Wüest, Threat Researcher, Symantec
Do you know our new book about AI
Buy it on Amazon now!