Individual
IT‑security solutions
from people
for people


Company

We develop and operate systems with a focus on security and stability. In the area of IT security, we provide advice with the highest technical standards and support the introduction and implementation of security concepts.

Our core competencies include:

  • Software architecture and development
  • IT security consulting
  • Integration of software solutions
  • Architecture and operation of Linux servers and networks

Our team is ready with its diverse experience and knowledge to support you with your challenges.


Our crews

Information security and data protection are among our core values: these are never fixed end-states - rather they require a practiced process and continuous improvement. Our mission is to enable you to make well-informed decisions, understand security risks and focus your resources where they can have the greatest impact on your security.

In order to achieve the most for you, we bring together a team of many experts in this field and are also in active exchange with other security companies.

Enabling you to focus on what you like to do by taking the work out of IT security is our passion and includes:

The goals here are:

You will be able to practice solid, process-oriented information security at all levels of your organization

To tackle your challenges together and to actively support you as a long-term partner in the implementation of processes and frameworks, the milestone of which can be one of the relevant information security certifications.

To provide you with a diverse team of highly qualified specialists in order to make a profound contribution in all relevant areas for you.

Management frameworks and certifications in which we have particularly in-depth implementation experience include ISO 27000+, BSI IT baseline protection, C5, TISAX and PCI DSS.

You benefit from our many years of experience with comprehensive penetration testing of a wide range of customer systems and applications, a solid testing methodology and customer reporting designed to generate a lot of value for you.

Procedure: Our security experts simulate the activities of a potential attacker, paying particular attention to identifying vulnerabilities that cannot be automatically detected by scanning tools.

You receive meaningful reports based on industry best practices that determine your company's information security level and provide specific recommendations for addressing any gaps found. All with the aim of ensuring the highest operational benefit for you.

Would you like to understand the current security situation in your organization? With a security audit, you can have the areas of your organization examined in breadth and get a well-founded holistic overview of the security level, security needs, sensible measures and important identified risks.

You can expect a Port Zero team with experts in code and infrastructure security to provide you with the best possible support in every area. We are happy to help you introduce and consolidate workable security routines in your products, as well as conduct compliance audits as part of security certifications and due diligence procedures in M&A scenarios, where you receive an inventory analysis and assessment of the actual performance and effectiveness of an organization's information security operations.

Do you take your customers' data and data protection seriously? Is it important for you to be compliant with the General Data Protection Regulation (GDPR) and to actually protect your customers' data in the best possible way?

Fantastic! We are happy to support you on your way through the legal and technical aspects of data protection and ensure that you are able to do everything correctly from a legal perspective while also protecting your customers' data in the best possible way.

If you need or want an external data protection officer, we will be happy to support you in this role. Our aim is to translate relevant regulations to your individual business processes and enable you to make good data protection decisions and use the available budget where it will benefit you and your customers the most.

We will develop a structure for a data protection management system for you and work with you to bring it to life. You can also count on us for the development of specific industry standards or certification requirements.

Why should you work with us here? Our strength lies in the interface between data protection and information security and therefore in our ability to work effectively with our clients at all legal, operational and technical levels.

You are also welcome to contact us about the following concerns and specialist areas:

  • Risk analysis (threat modeling)
  • Security training
    • Security awareness training
    • Secure Coding & Development Practices
    • SecOps (Secure Development Operations, Secure Operations / IT Operations)
    • Training of employees in the context of compliance requirements
  • Red teaming
  • Creation of emergency procedures (company-wide plan for security emergencies)

Building and optimizing your entire software lifecycle, from requirements management to detailed implementation, full-stack development, code security and automation - that's what we stand for and you can count on us at every point. Here is an insight into what we can do for you:

Transform how you work with cloud applications and services. If you're seeking to enhance your existing applications or start from scratch, our extensive client project experience has you covered.

Maintain user privacy without sacrificing functionality. We integrate essential tools into your digital presence, ensuring you manage your data sovereignly without relying on third-party services.

Prioritize user experience in your web applications and sites. We focus on intuitive navigation and self-explanatory interfaces that minimize training and maximize efficiency. Let us help elevate your digital interface to an unforgettable user experience.

We are happy to advise you in the areas of UX and usability to make your digital product a unique experience. We would be happy to optimize your existing online presence or work with you to design your new website.

From selecting the appropriate framework to establishing a robust CI environment, we partner with you throughout the development lifecycle to ensure seamless, agile project execution.

Open source is at the heart of what we do. By integrating open source solutions, you gain full access to your codebase, benefit from community enhancements, and retain the flexibility to modify your setup as needed.

In cooperation with the other Port Zero crews, we can also offer you individual solutions for system integration and test and advise you on all aspects of your IT security.

We offer system integration for Linux-based infrastructures with a focus on digitization and automation. We modernize legacy infrastructures, integrate (manual) workflows and connect your systems without vendor locking.

Through the consistent use of open source solutions, we improve both maintainability and security.

We can support your company in the following areas:

We have extensive knowledge of setting up and integrating monitoring systems for your existing or new infrastructure. You get a monitoring system that ...

  • is ready to go, implemented in minutes, fully open source and fully customizable: our monitoring and alerting stack consists of Ansible, Prometheus, Grafana and Alertmanager
  • integrates with your existing monitoring solutions (Nagios, etc.)
  • extends your existing monitoring solutions with debugging and other functions

We know you have that one cronjob running a PHP CSV parser that is pushing data directly into another system's database somewhere in your infrastructure. We can help!

  • We design and implement modern APIs to connect your services
  • We modernize, add features to or debug existing APIs in your infrastructure
  • We set up centralized user & rights management concepts and systems

We can also help you manage your existing infrastructure. For example:

  • Setting up a CI/CD pipeline
  • Setting up extensible self-hosted Jitsi video conferencing servers for your organization
  • Set up Ansible to manage your infrastructure configuration
  • All things system administration! Configuring failovers or web servers, upgrading a Linux distribution, ...

We have worked extensively in the following areas, with a variety of underlying technologies:

Green field setups, maintenance, feature enhancement, migration, upgrades, troubleshooting, incident response, performance optimization, HA/redundant setups/recovery, backups, automation, system integration, training

We champion Open Source internally at Port Zero and in our work. We understand ourselves as DevOps, approaching problems and solutions directly in a real-world environment, to bridge between system administration and software development and find the best integration between the two.


Teamwork

Three crews, one team.
Our experts from the fields of system integration, software development and IT‑security know what's important

Professional photo of Michael Michael Prinzinger
Managing Director
Professional photo of Jonas Jonas Becker
Systemintegration, Crew Lead
Professional photo of Tobi Tobias Brosge
Software development
Professional photo of Artur Artur Andretta
Data protection
Professional photo of Benji Benjamin Waldl
System integration
Professional photo of Hung Hung Truong
Controlling
Professional photo of Niels Niels Geist
Systemintegration, Crew Lead
Professional photo of Alessandro Alessandro Prati
System administrations
Professional photo of David David Rohmer
Software development
Professional photo of Santiago Santiago Cuello
Security
Professional photo of Eric Eric Gattschau
System integration
Professional photo of Julia Julia Fliszar
Team Assistant, Crew Lead
Professional photo of Patrick Patrick Weingärtner
Software development
Professional photo of Jonas Jonas Winter
Software development

You want to become part of us?
Sail along!


References

Ecosia
The search engine that plants trees

At Ecosia, we conducted a threat modeling workshop and worked together to establish basic security concepts.

ver.di Fachbereich A
Trade union for more justice and a say.

At Verdi, we have implemented a migration of Nextcloud to a cluster architecture. This includes the configuration of groups, assignment of rights and the integration of Nextcloud applications. Operation is carried out with regular updates and comprehensive support.

PlaytestCloud
Leading mobile games platform for comprehensive player insights.

At PlaytestCloud, we conducted a detailed security analysis to identify and assess vulnerabilities. The results were presented in a comprehensive report that assesses the level of security and offers recommendations for improvement.

Eurofiber
Construction of fiber optic networks in urban centers

At Eurofiber we have automated the processes managed by autolib and improved refactoring and integration tasks. Future maintenance work can thus be carried out easily and with comprehensive documentation.

Perspective
Marketing and sales funnel solutions

At Perspective, we carried out a cybersecurity health check, as well as targeted additional services such as consulting, testing, support and implementation that go beyond the agreed scope of the health check. This included basic GDPR training, among other things.

Passion.io
Combine interactive content, communities and features to create your own mobile app.

At Passion.io, we took on the role of external data protection officer and advised on the implementation of the GDPR. We also carried out a gap analysis on data protection maturity and directly implemented initial measures.

SysEleven
Provider of individual Kubernetes solutions.

For SysEleven, we provided advice and support for the introduction and implementation of an ISO27001-compliant information security management system (ISMS). This included adapting the existing ISMS to BSI basic protection for certification and integrating new products.

Advantis
Amusement park risk assessment software

At Advantis, we conducted a comprehensive security review of their online risk assessment tools, including checking various user privileges.

Testo
Professional measurement technology for daily measurement tasks

At Testo, we carried out penetration tests for special products. These tests aimed to identify security vulnerabilities and assess their criticality. The results and recommendations for improvement were presented in comprehensive final reports.

Unicorn
Workspace as a service

At Unicorn we develop and manage tools and systems for workspace delivery with a focus on stability, security and scalability.

art soft and more
Partner of schools

For art soft and more we build a scalable Jitsi video conferencing architecture with a strong focus on security and data protection that is used in schools across Germany.

Blinkist
Bring more knowledge into your everyday life

At Blinkist we carry out pentests and provide advice on IT security in the Blinkist app and on the website.

Computop
Leading international payment service provider

We advise Computop in the field of IT security and carry out penetration tests.

ecix
European Commercial Internet Exchange

Together with the ecix we developed in-house solutions for customer and resource management and monitoring, as well as an open source Looking Glass system.

W.L.Eichberg
Carbon products for electric motors

We support the family business W.L.Eichberg in the operation of their historically grown IT infrastructure.

medneo
Radiology as a service

We are helping Medneo to set up a secure and stable infrastructure that clearly separates issues and to develop monitoring for this purpose. We also help the company with GDPR issues.

orderbird
Germany's leading iPad POS system for the hospitality industry

At orderbird, we take care of data protection and IT security in operations, infrastructure and development

.
Pitch
Collaborative presentation software

Pitch we help you to create not only a cool, but above all a secure product that protects sensitive data

.
polypoly
A future where everyone is the sovereign of their data

At polypoly, we are involved in the development of the core product, a tool for taking back control of your own data online and managing it, as well as in its infrastructure and in the development of the services around this product.

resmio
Reservation systems for restaurants

For resmio we take over the development and support of the backend, in code and operations.

Saloodo!
realtime logistics

At Saloodo! we have co-developed a sophisticated marketplace for global logistics routes.

WOBCOM
Telecommunication services for Wolfsburg and the region

At WOBCOM, we contribute to the establishment of SDN by developing systems for the automatic provisioning, configuration and integration of network and data center hardware into existing monitoring and support systems.


Partner

Axiros
World market leader for device management in the ISP sector

We are the main integrator for Axiros management systems in the DACH region and implement and operate them at over 60 ISPs.

Defora Networks
IT security consulting

With Defora Networks we share common views and ethics regarding IT security and open source in close cooperation. We often work together on projects and share our professional ideas.

Frachtwerk
Digital transformation

With our friends at Frachtwerk, we work on joint projects, share knowledge and expertise and support each other as best we can. Frachtwerk specializes in software consulting for large industrial projects, especially in the field of digital transformation, as well as in the in-house development of such software projects with a team of exceptionally qualified experts.

palladio Consulting
IT strategy

palladio consulting supports companies in leveraging efficiency potential at the interface between business and IT. In volatile times, palladio helps to identify specialist change requirements and translate them into technical solutions.