We are ERNW - SecTools

Share our vision of secure soft- and hardware

Fill 4

Our Mission

ERNW Sectools will provide tools that will make IT environments a safer place. We are engineering our knowledge, experience and expertise into new security tools and we will ensure, that our tools will be designed and developed in a secure manner, so they won’t become a weak link in customer environments.


  • service-installation Created with Sketch.


    As part of our product support service our professionals can support or take over the complete installation and integration of our products into customer environments. They are familiar with big enterprise networks and the corresponding technology. Please contact us for more details.

  • service-customizing Created with Sketch.


    Our products come with a rich feature set of functionality and reports, but we also offer customizing of our products like adding additional features, more reports, integration into SSO environments or whatever needs customizing. We are here to make it work, so do not hesitate to ask us, if you have special requirements.

Newsletter sign up

Get the latest news about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Newsletter:

Latest ERNW SecTools News

November 29, 2018

First Talks of TROOPERS19 Accepted!

TROOPERS18 was the best year ever (did you check our archives?) and it will be challenging to do better… However, we accept the challenge! The trainings and talks were from high quality and choices were difficult to make… We hope you will enjoy reading these little teasers! Follow us on Twitter (@WEareTROOPERS) for more information […]

November 29, 2018

On the insecurity of math.random and it’s siblings

During code reviews we often see developers using weak RNGs like math.random() to generate cryptographic secrets. We think it is commonly known that weak random number generators (RNG) must not be used for any kind of secret and recommend using secure alternatives. I explicitly did not state a specific language yet, because basically every language […]

November 23, 2018

Plume Twitter Client URL Spoofing

It is possible to spoof the URLs that Plume will open to arbitrary locations because of how Plume parses URLs. The preview of an URL in a tweet will show the complete (at least the host name and the first few chars of the URL) but shortened URL. However, if the URL contains a semicolon […]

More on More ERNW SecTools related articles on our company blog