We are ERNW – IT security specialists from Heidelberg

Since 2001, our focus has been on consulting
and testing in all areas of IT security

Fill 4

Vision & Values

  • Independence

    ERNW is, in terms of technology, manufacturers and financing, an independent service provider. Projects, recommendation of measures or the highlighting of optimization potential is never influenced by contracts with certain manufacturers, bias against certain products or claims of external stakeholder.

  • Expertise

    The continued development of our ERNW team’s expertise is our highest value, and one that is fully supported by our company through continued education, research, and shared innovation.

  • Knowledge transfer

    We believe that shared knowledge empowers ourselves as a company, our customers, and the international IT security community in which we actively participate.

Read more

Our Mission

ERNW is an independent IT Security service provider based in Heidelberg, Germany.  Since its founding in 2001, our focus has been on consulting and testing in all areas of IT security, unallied from outside shareholders and a need to sell products. This independence and self-accountability drives us, as a company, to adhere to a higher standard of professional conduct and development.

Whitepaper sign up

Get the latest information about technical topics within the IT security community and a lot of special insights. Sign up now for our whitepaper newsletter:

Latest ERNW News

May 22, 2024

Security Advisory: Achieving PHP Code Execution in ILIAS eLearning LMS before v7.30/v8.11/v9.1

During my Bachelor’s thesis, I identified several XSS vulnerabilities and a PHP Code Execution vulnerability via an insecure file upload in the learning management system (LMS) ILIAS. The XSS vulnerability can be chained with the code execution vulnerability so that attackers with tutor privileges in at least one course can perform this exploit chain.

Read more
More on More ERNW related articles on our company blog