We help you secure your company's attack surface.

Security Consulting & Threat Modeling

Security Consulting

We offer a broad spectrum of consulting services, tailored to your needs. The spectrum ranges from management topics all the way to technical aspects.


  • CISO as a Service
  • DevSecOps - Secure Agile Methodologies
  • ISO27k Implementation & Coaching


  • Secure Code Reviews
  • Security Architecture Reviews
  • Cloud Security Reviews
  • Secure CI/CD Pipelines
  • many more

Threat Modeling

Threat modeling is to identify, communicate, and understand threats, mitigations, and controls within the context of protecting something of value. A threat model is a structured representation of all the information that affects the security of an object, which can be applied to various things such as software, applications, networks, distributed systems, Internet of Things (IoT) devices, and even business processes.

Within a Threat Modeling workshop, the security auditor of cyllective will lead the workshop and do the analysis together with you. At least one person knowing the technical details of the infrastructure in scope, such as an architect, must be present. We highly recommend involving a business person who understands the business use-cases and processes. In the interview-based workshop, we will jointly uncover potential threats and vulnerabilities. The result of a threat modeling workshop is the structured view of all relevant information, which could affect the security of an object.

cyllective is using STRIDE as the methodology for doing threat models. We supplement the threat modeling workshops not only with years of practical experience but also utilize a customized threat-catalog, to rapidly identify threats.

Schedule non binding meeting!

Timeline of Collaboration


Kick-off Meeting

Together with the client's project team to discuss and finalize the scope.


Security Consulting

According to the offer and details from the kick-off meeting, we directly work with the client's units to help the customer solve challenging security problems.



All proposed solutions are clearly documented and integrated into the customer's documentation system.


Debriefing Meeting

The result and cooperation are discussed in the debriefing meeting with the customer's project team.