Red Teaming Providers in DACH Region

What Is Red Teaming?

Red Teaming (also: Red Team Assessment or Adversary Simulation) is the most realistic form of offensive security testing. Unlike traditional penetration tests, Red Teaming simulates multi-stage, real-world attacks on an organization – spanning technical, physical, and social attack vectors.

A Red Teaming Assessment tests the entire defense chain under real-world conditions: from the initial access phase through lateral movement to achieving critical business objectives. The Blue Team's (SOC, CERT, IT Security) detection and response capabilities are also evaluated.

Red Teaming vs. Penetration Testing

Both approaches are complementary and ideally combine in a comprehensive security strategy.

Regulatory Frameworks in the DACH Region

• TIBER-AT (Austria) – OeNB framework for Threat Intelligence-based Ethical Red Teaming in the financial sector
• TIBER-DE (Germany) – Deutsche Bundesbank and BaFin framework, based on TIBER-EU
• FINMA (Switzerland) – Swiss Financial Market Supervisory Authority requirements for cyber resilience
• DORA (EU-wide) – Digital Operational Resilience Act, mandatory Threat-Led Penetration Testing for significant financial institutions since 2025
• TIBER-EU – European umbrella standard for all national TIBER implementations

Red Teaming & Pentesting Providers in the DACH Region

Austria

• SEC Consult – International IT security consultancy (Eviden / Atos Group), headquartered in Vienna
• Hackner Security Intelligence – Specialized in Security Assessments and Physical Red Teaming, founded 2010, ISO/IEC 27001 certified
• Certitude Consulting – Cyber risk management and offensive security consulting, Vienna
• TÜV TRUST IT – TÜV AUSTRIA – IT security services of the TÜV AUSTRIA Group, Red Teaming and penetration testing
• CANCOM SE – IT services provider with pentesting and Red Teaming services, Austria
• Strong-IT GmbH – Ethical hacking, penetration testing and Red Teaming, Innsbruck

Germany

• SySS GmbH – One of Germany's oldest pentest providers (Tübingen, since 1998), Red Teaming and security analyses
• NSIDE ATTACK LOGIC – Specialized in Red Teaming and Adversary Simulations, Munich
• RedTeam Pentesting – Red Teaming and pentesting from Aachen, known for practical security research
• Compass Security – Swiss security firm with a German office
• CODE WHITE – Offensive security and Red Teaming, intelligence-driven security
• Exploit Labs GmbH – Red Teaming and security training, Eschborn
• NVISO – Red Teaming and offensive security, Frankfurt am Main office
• Lutra Security GmbH – Red Teaming and penetration testing, Munich
• r-tec IT Security GmbH – Red Teaming and incident response, Wuppertal
• CANCOM SE – Pentesting and Red & Purple Teaming, Munich
• hisolutions AG – IT security consulting and Red Teaming, Berlin

Switzerland

• Compass Security – Swiss security firm (Rapperswil-Jona), Red Teaming and penetration testing
• Oneconsult – Cybersecurity services, Zurich, Red Teaming and incident response
• Redguard – Penetration testing and security assessments, Bern
• NVISO – Red Teaming and offensive security, Switzerland office

Country-Specific Information

• Red Teaming Austria – Providers and regulatory framework (TIBER-AT)
• Red Teaming Germany – Providers and regulatory framework (TIBER-DE)
• Red Teaming Switzerland – Providers and regulatory framework (FINMA)
• Pentesting DACH – Penetration Testing providers in the DACH region