The employees at Y-Security form the core of our organization, bringing with them a wealth of capabilities, skills, and a dedicated focus on identifying the most challenging security vulnerabilities. They are the driving force behind our success, utilizing their expertise and unwavering commitment to ensure that our clients’ security needs are met with utmost diligence.

Sven Schlüter

Co-Founder / Advanced Attack Simulation Specialist

My idea and passion behind Y-Security is to create, lead and develop a company that solves todays most complex security challenges for our clients. That success is shown in our innovative service development which provides a holistic approach in the offensive security field. With that we have a lasting effect to our client base and their IT-Security.

Sven Schlüter (Essen, Juli 2021)

Christian Becker

Co-Founder / Advanced Attack Simulation Specialist

My personal motivation behind Y-Security is to establish a team at the German and European market which is known for technical excellence and significantly contributes to developing new security concepts. The motivation to do this under the name of Y-Security is to provide independent services which are not bound to companies and their products.

Christian Becker (Essen, Juli 2021)

Thore Imhof

Advanced Attack Simulation Specialist

I joined Y-Security because I want to focus on the things that matter which means continuously adapting to new techniques and building a team with great technical expertise.



Thore Imhof (Essen, Oktober 2022)

Certifications

At Y-Security, we place significant emphasis on continuous learning and development within our internal team. This commitment to ongoing growth often leads our consultants to acquire various certifications, enabling our clients to validate our technical prowess and capabilities. The following achieved certifications serve as tangible evidence of our team’s expertise and further reinforce our dedication to delivering top-notch services to our clients.

The OffSec Certified Professional (OSCP) certification necessitates individuals to proficiently exploit and breach a variety of active systems within a secure laboratory setting. Widely recognized as a highly technical accreditation in the field of ethical hacking, the OSCP stands out as one of the rare certifications that demands tangible proof of practical expertise in penetration testing.

The Evasion Techniques and Breaching Defenses (PEN-300) certification, also known as OffSec Experienced Pentester (OSEP), stands as an advanced training program for penetration testing. The course equips learners with the ability to conduct sophisticated penetration tests against well-established organizations possessing robust security measures. Emphasis is placed on circumventing security mechanisms designed to thwart attacks.

The Windows User Mode Exploit Development (EXP-301), also known as OffSec Exploit Developer (OSED), certification is a comprehensive training program that imparts essential knowledge in modern exploit development. The certification validates extensive knowledge of assembly language and low-level programming to bypass critical security measures to protect businesses.

Offensive Security Certified Experts (OSCE) possess an exceptional level of expertise in the field of penetration testing. They have demonstrated their ability to develop custom exploits, successfully execute attacks to breach systems, and acquire administrative privileges. The rigorous 48-hour examination further showcases their exceptional persistence, determination, and capacity to perform effectively under high-pressure situations. Moreover, OSCEs exhibit the ability to think creatively and devise innovative approaches to infiltrate internal networks, showcasing their capability to go beyond conventional methods. Additionally, OSCEs are well-versed in advanced security measures such as Address Space Layout Randomization (ASLR) and possess a thorough understanding of these enhanced protective mechanisms.

The Burp Suite Certified Practitioner (BSCP) is a recognized certification designed specifically for web security professionals, offered by the creators of Burp Suite. Obtaining the Burp Suite Certified Practitioner certification signifies a comprehensive understanding of web security vulnerabilities, an adept mindset to exploit them effectively, and proficiency in utilizing the Burp Suite toolset to accomplish these tasks proficiently. It serves as a testament to an individual’s expertise and competence in the field of web security.

The Red Team Ops I certification, also known as Red Team Operator, by Zero-Point Security provides advanced training in the fields of Adversary & Attack Simulation techniques. Holders of the Red Team Operator certification have demonstrated their abilities in command & control, engagement planning and time management. They can perform each stage of an attack lifecycle from initial compromise, to full domain takeover, data hunting, and exfiltration; whilst being aware of OPSEC concerns and bypassing defences.

The Red Team Ops II certification, also known as Red Team Lead, by Zero-Point Security focuses on bypassing and evading advanced enterprise security solutions that are used by Blue Teamers to detect adversaries. Holders of the Red Team Lead badge have demonstrated their knowledge of building secure C2 infrastructure, writing custom tooling, circumventing Windows hardening configurations, bypassing EDR, and various other detection and defence mechanisms.