Deep domain expertise to meet your evolving security threats

FOXMOLE provides security and vulnerability analysis for websites, applications, operating systems, networks, voice over IP, IoT and building technology. Additionally, penetration testing, source code audits and other diagnostics generate valuable insights on multiple levels.

In parallel, FOXMOLE offers guidance and direction for remediation and strategies (technology, processes and policies) to remove the root cause of theses vulnerabilities resulting in a secure-by-default status. FOXMOLE reduces costs involved in reducing exposure whilst delivering optimal security strategies and security architectures.

The FOXMOLE team has extensive experience across various industry sectors and can provide expert guidance on how to secure customer and employee digital identities and help transform the existing security team, practices and technology to meet unpredictable and ever-evolving threats.

Application Security

We provide: Architecture Reviews, Source Code Audits, Threat Analysis, Secure Development Lifecycle Reviews and Secure Coding Workshops.


Read more


Our services encompass: organisation, processes & technology , CISO guidance, recommendations for root cause remediation.

Read more

Security Review

FOXMOLE conducts a review of your relative security strengths and weaknesses across areas such as "Protect", “Detect” and “React”.  This is followed by recommendations on where to focus effort for maximum impact and improved overall security.

Read more


We review key physical assets such as: networks, telephony, bulidings and Internet of Things (IoT).

Read more

Penetration Testing

External attackers, hackers, crackers and cyber-criminals often use well-known vulnerabilities to break into systems and networks. FOXMOLE’s task is to find your system’s vulnerabilities before others can exploit them.

Read more


We examine compliance with data security policies and a range of legislation where appropriate such as PCI, HIPAA, PSD2, and IT-Sicherheitsgeset. Read more.

Read more

A dual focused approach to combat the twin threats of the "Fox" and the "Mole"

Today’s security threats come in many different forms: hacktivism, social engineering, state sponsored cyberwarfare, malware and identity theft being just a few of these. But it is not only external attacks by cunning hackers (foxes) that constantly present new challenges to IT security; the internal threat posed by employees (moles) is also a huge security vulnerability.

According to the Ponemon Institute, “data breaches that result from malicious (employee) attacks are most costly.” These challenges are often underestimated and whilst sensitive, cannot be ignored. Read more about we can simulate attacks and identify potential employee threats here.

Revisit your security strategy and challenge established thinking

Traditional security approaches no longer meet the needs of today's enterprise. FOXMOLE helps by reviewing existing people. processes and technology alignments and these how these meet internal and external threats. Diagnostics gathered via penetration tests and source code audits, amongst others, help clients make data-driven decisoons as to where to increase investment.

FOXMOLE consulting teams offer a comprehensive review of current practices and challenge established thinking. End user adoption is an important criteria, often forgotten in the pursuit of maximum security at every opportunity.

Lastly, how can red and blue security teams continuously enhance their capabilties and remain vigilant in creating and overcoming threat scenarios?

Is your password putting you at risk?

One major cause of data breaches is the stolen password. Once hackers have an email address and password, a world of possibilities are open to them. The dangers are not just limited to the account they have access to. Their hacker’s next steps usually include not only selling the details to other criminals but also … Continue reading Is your password putting you at risk?

Read more

FIDO U2F: what it is and how you can secure your web applications using LinOTP

This is the first part of a series of blog entries about FIDO U2F and how you can use FIDO U2F and LinOTP to secure your web applications. Kicking off, we would like to introduce you to FIDO U2F and explain the idea behind it. Following blogs will be about the protocols and how you … Continue reading FIDO U2F: what it is and how you can secure your web applications using LinOTP

Read more

Why biometric authentication isn’t a silver bullet

There has been a lot of noise in the press recently about the rising tide of biometric authentication. The concept has been around for longer than many might think. For example, facial recognition was tested at the Superbowl in 2001, though the results were not widely circulated. A few pioneering companies (particularly banks) are rolling … Continue reading Why biometric authentication isn’t a silver bullet

Read more

Contact Us

Please call +49 6151 86086-277 (Germany office hours)
or email: