We are ERNW - SecTools

Share our vision of secure soft- and hardware

Fill 4

Our Mission

ERNW Sectools will provide tools that will make IT environments a safer place. We are engineering our knowledge, experience and expertise into new security tools and we will ensure, that our tools will be designed and developed in a secure manner, so they won’t become a weak link in customer environments.

Services

  • service-installation Created with Sketch.

    Installation

    As part of our product support service our professionals can support or take over the complete installation and integration of our products into customer environments. They are familiar with big enterprise networks and the corresponding technology. Please contact us for more details.

  • service-customizing Created with Sketch.

    Customizing

    Our products come with a rich feature set of functionality and reports, but we also offer customizing of our products like adding additional features, more reports, integration into SSO environments or whatever needs customizing. We are here to make it work, so do not hesitate to ask us, if you have special requirements.

Read more

Newsletter sign up

Get the latest news about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Newsletter at ernw.de:

Latest ERNW SecTools News

April 30, 2026

When paradigms are shifting: InfoSec in the age of AI

Over the last few weeks, I have had a very productive exchange with Christoph Klaassen on the impact of AI on security governance and compliance. In this post, we summarize our thoughts. When the Perimeter Dissolves: InfoSec in the Age of Agentic AI There’s an old saying among hackers coined by Dr. Eugene Spafford: “The only […]

Read more

April 16, 2026

Disclosure: Command Injection in Geutebrück Cameras

During a penetration test for a customer, we identified a command injection vulnerability in Geutebrück security cameras that allows authenticated attackers to execute arbitrary commands as root through the web interface. The root cause is unsanitized user input being passed into a sed script (and at least 12 other CGI endpoints). In addition to the […]

Read more

April 13, 2026

Windows Early Boot Configuration: The CmControlVector and PspSystemMitigationOptions

While investigating how process mitigation settings are initialized, I encountered the global variable PspSystemMitigationOptions. Tracing how this value is populated led me to the CmControlVector. In this blog post, we take a look at the Windows kernel land configuration manager, especially its global CmControlVector variable. Quick note: the kernel’s configuration manager is not related to […]

Read more
More on More ERNW SecTools related articles on our company blog