We are ERNW – IT security specialists from Heidelberg

Since 2001, our focus has been on consulting
and testing in all areas of IT security

Fill 4

Vision & Values

  • Independence

    ERNW is, in terms of technology, manufacturers and financing, an independent service provider. Projects, recommendation of measures or the highlighting of optimization potential is never influenced by contracts with certain manufacturers, bias against certain products or claims of external stakeholder.

  • Expertise

    The continued development of our ERNW team’s expertise is our highest value, and one that is fully supported by our company through continued education, research, and shared innovation.

  • Knowledge transfer

    We believe that shared knowledge empowers ourselves as a company, our customers, and the international IT security community in which we actively participate.

Read more

Our Mission

ERNW is an independent IT Security service provider based in Heidelberg, Germany.  Since its founding in 2001, our focus has been on consulting and testing in all areas of IT security, unallied from outside shareholders and a need to sell products. This independence and self-accountability drives us, as a company, to adhere to a higher standard of professional conduct and development.

Whitepaper sign up

Get the latest information about technical topics within the IT security community and a lot of special insights. Sign up now for our whitepaper newsletter:

Latest ERNW News

May 05, 2025

Full Disclosure: Multiple Rundeck Job Command Injections

During a red-teaming-style customer project, we managed to get access to an Rundeck API token. Rundeck is a job scheduler and runbook automation platform designed to automate routine IT tasks across multiple systems. At first, we were excited about this API token because if we could create new Rundeck jobs, we could execute arbitrary code […]

Read more
More on More ERNW related articles on our company blog