
Compass Security Deutschland GmbH
About us
Compass Security offers comprehensive cybersecurity and cyber defense services. We specialize in industrial cybersecurity and serve the following sectors: energy & utilities / manufacturing & automation / transportation & infrastructure / mechanical engineers & OEMs.
We help manufacturers, system integrators, and asset owners in Switzerland and across Europe to secure their industrial systems by taking a structured approach to IEC 62443, OT penetration testing, and CRA compliance.
Products & services

IEC 62443 Risk Assessment
• Structured threat modeling for industrial systems • Risk analysis aligned with IEC 62443-3-2 • Security Level definition SL1 to SL4 • Identification of architectural and operational gaps

Architecture & Segmentation Validation
• Review of zones and conduits design • Defense-in-depth assessment • Verification of implemented network segregation • Validation of remote access boundaries

OT Pentesting
• Industrial protocol testing (IEC 61850, IEC 60870-5-104, MQTT, Modbus, OPC UA, Serial. 2/3-wire serial protocols) • Embedded firmware and hardware analysis • Authentication and access control validation • Controlled lateral movement simulation between zones

Certification & Compliance Preparation
• Gap analysis against IEC 62443 • Evidence generation for audit readiness • Technical remediation guidance • Independent second opinion before certification

Penetration Tests
In the role of the hacker, we test devices, networks, services and applications as well as the behavior of employees. We uncover vulnerabilities and provide you with recommendations on how to fix them. Our specialists cover a wide range of technologies. This allows us to address very specific requirements, whether specialized cloud environments, Internet of Things (IoT) or proprietary hardware devices.
News

FOKUS "Future of Industries"
Swiss industry in transition: What’s shaping the future of Switzerland’s industrial hub.

Pwning the Synology BC500
Embedded Firmware Exploitation

Switching 400'00 Volts with a TCP packet
A talk by Cyrill Brunschwiler about his research work on the Swiss electricity grid.

Luring the Threat: Lessons from ICS Honeypots in Ukraine and Germany
Insights on current threats to critical infrastructure and how to protect it