Our Services

We group our services into three main categories. The list below gives you a brief insight into our activities with which we support our clients. References i.e. project information can be found in the section References/Projects on our website. The field of computer security and embedded device security are constantly changing and becoming increasingly complex. We can offer our customers the necessary wide range of deep subject-matter expertise, not least because of our own research in these areas: modzero AG has an extensive network of subject-specific partners, whom we consult when necessary and with prior customer agreement.

Technical Security Analysis

In this category we offer our customers support in the areas of:
  • Penetration Testing
  • Reverse Engineering
  • Source Code Analysis
  • Technical, realistic risk-assessment of Hardware and Software projects

Design and Concept Support

In this category we offer our customers support in the areas of:
  • Analysis of existing concepts and designs of customer products before & during the various phases of the project
  • Support for development of threat and risk models
  • The development of efficient, specific and appropriate countermeasures
  • Support with the evaluation and design of protection mechanisms

Error analysis, incident handling and forensics

In this category we offer our customers support in the areas of:
  • Identification and analysis of (security-relevant) software and hardware errors
  • Analysis of malware and targeted attacks on systems, applications and infrastructure
  • Support for security-related incidents in networks, systems and components.

In almost all cases and if required, we may develop methods or tools to prove i.e. demonstrate particularly new forms of vulnerability. Such "Proof of Concept" tools can be software-only solutions; however, the development of dedicated hardware tools is also possible.

Specific references i.e. project information can be found in the section References/Projects on our website.

Company Background

The independent Swiss company modzero AG was founded in early 2011 by Max Moser and Thorsten Schröder, to assist clients with specific security issues in the complex areas of different computer technology. Our colleagues at modzero AG work exclusively in practical, highly technical computer-security areas and can draw on decades of experience in various platforms, system concepts, and designs. modzero AG does not wish to simply sell clients a finished product from the security services portfolio - but rather provide a consultative approach by cooperating with the client to produce a tailor-made solution. The focus lies clearly on highly-detailed technical analysis of concepts, software and hardware components as well as the development of individual solution proposals for resolving predominantly very specific protection requirements of our clients. Immense time and cost pressures are often triggered by a specific vulnerability in the product design or the threat model. As a small and specialized company, we are able to flexibly and efficiently respond to the individual requirements of our clients.

Thorsten Schröder has been active for many years as technical consultant in the field of applied IT-Security. He benefits from broad knowledge of software and network security across different industries. His areas of expertise lie in the verification of software in either source or binary form. The far-reaching knowledge of Black-Box-Analysis and Reverse-Engineering of hardware and software components together with Crystal Box-based analysis experience, form the basis for sound standing statements regarding specific security-related problems. In addition to professional and private research projects which he has repeatedly presented at security conferences, he frequently applied his expertise in honorary projects: for example, jointly creating an expert opinion report commissioned by the German Federal Constitutional Court concerning prosecution in the context of IT-related crime (§ 202c German Penal Code - StGB). For members of the German Parliament in the public project group meeting of the working group "Access, Structure and Security of Networks" on behalf of the Enquete Commission of Internet and Digital Society of the German Parliament, he tackled the questions regarding general threat scenarios in the Internet at the end of 2011.

Max Moser has worked for many years in the field of IT-Security. He has supported many national and international companies, public authorities and institutions to analyze and improve their security levels. He specializes in protocol analysis, research and highly specific penetration testing of complex environments. Max Moser is known within the IT-Security arena for his open-source projects such as the Linux distribution BackTrack as well as the recent “Keykeriki” research project. For years, he has made available both projects as well as other security-relevant information for the interested public (http://www.remote-exploit.org). Within the limits of their own business activity, security professionals worldwide apply this information and these products. The imparting of knowledge tailored workshops with a strong practical element is one of his great passions. Max Moser supports companies and corporations from various market sectors including telecommunications, pharmaceuticals, Insurance and banking. He presented several research project results at well-known international security conferences and his expertise is well represented in national and international media.


Confidentiality and discretion are, in our view, the most important "assets" in this industry. It is part of our self-understanding to respect the feelings, anxieties and fears of our clients and to adapt the way we communicate to what our clients actually want.

modzero AG was founded as an independent, privately-held company, in order to guarantee an independent and self-reflective way of working and consulting.