Sascha Prock · IT-Security

Take the attack apart. Then close the gap.

I analyze real attack scenarios and make clear how they unfold, where typical weaknesses appear, and what to check concretely. I bring that same perspective into my security consulting for executives and IT.

Services

for executives and IT

Want to know where you stand, need a steady hand for your security over the long run, or are you in the middle of an incident right now? I support you in practical, plain terms, so management and IT quickly know what to do next.

ongoing leadership

CISO as a Service

External security leadership for companies that want professional cybersecurity steering without building a full-time role immediately.

readiness

NISG 2026 Readiness Check

A compact assessment of applicability, organizational gaps, technical measures, and the next priorities before NISG 2026 takes effect.

ISMS rollout

ISO 27001 Implementation

Guidance for building a pragmatic ISMS: scope, risk assessment, policies, treatment plan, and audit-ready evidence on the path to certification.

clear second opinion

Security Sparring Partner

Independent perspective for executives, IT leaders, and project teams when decisions need a calm, honest security assessment.

security roadmap

Strategic Cybersecurity Consulting

Turn isolated measures into a practical plan by connecting risks, budgets, responsibilities, and priorities.

make risks manageable

Risk Management

Build a pragmatic risk framework that connects management, IT, and compliance and makes decisions easier to explain.

before, during, and after

Incident Response Support

Support for preparation, playbooks, structured analysis, communication, and lessons learned after a security incident.

strengthen people

Security Awareness & Training

Practical sessions on phishing, social engineering, and secure processes that help employees act with confidence.

Attack Scenarios

current focus
attack · detection

Attack Scenarios

Real attack scenarios, broken down technically: attack flow, IOCs, detection signals, Sentinel queries, and a Detection Gap self-test.

latest: Device Code Phishing: When the Real Microsoft Login Becomes the Trap

Not sure where to start?

In a short, no-obligation intro call, we figure out together where your biggest security lever is and which first step is really worth taking.

Request an intro call →