About pb>sec: Your Cyber Security Partner

Personal Service, No Layers in Between

My name is Paul Brenndörfer, and I founded "Paul Brenndörfer - Cyber Security Services" (pb>sec) with a clear focus: providing practical and transparent security assessments without unnecessary overhead.

Unlike larger consulting firms, every engagement is handled directly by me. From the initial scoping discussion and project planning to the technical assessment, reporting, and follow-up communication, you work with the same person throughout the entire project. There are no sales teams, account managers, project coordinators, or junior consultants between you and the individual performing the assessment.

This direct approach reduces complexity, shortens communication paths, and ensures that project-specific knowledge remains with the person conducting the work. Questions can be answered quickly, technical discussions remain focused, and recommendations are based on firsthand knowledge of the assessed environment rather than information passed through multiple layers of communication.

My goal is not to produce lengthy reports filled with generic findings. Instead, I aim to provide realistic assessments, clear explanations, and practical recommendations that help organizations improve their security posture in a measurable way.

Experience Built Through Practical Assessments

Over the past six years, I have worked as a penetration tester and security consultant, assessing a wide range of environments including web applications, Active Directory deployments, corporate networks, wireless infrastructures, and cloud-connected environments.

During this time, I have been involved in more than 200 penetration testing engagements across organizations of different sizes and industries. This experience has provided exposure to a broad spectrum of technologies, architectures, and security challenges.

Every environment is different. A modern SaaS platform presents different risks than an internal corporate network, and a mature enterprise environment requires a different approach than a rapidly growing organization. Practical experience across a variety of scenarios helps identify weaknesses more efficiently and evaluate findings within the context of real-world business environments.

The lessons learned from hundreds of assessments continue to influence how I approach every new engagement: focus on realistic attack paths, prioritize meaningful risks, and deliver actionable results.

Industry-Recognized Certifications

Practical experience is essential, but continuous learning remains equally important. To maintain and expand my technical expertise, I regularly pursue advanced offensive security certifications focused on real-world attack techniques and modern enterprise environments.

OSCP – Offensive Security Certified Professional

The OSCP is widely regarded as one of the most recognized hands-on penetration testing certifications in the industry. It focuses on identifying, exploiting, and documenting vulnerabilities across a variety of systems under realistic conditions.

Rather than relying on multiple-choice examinations, candidates must successfully compromise systems within a controlled environment and produce a professional assessment report. This practical approach has contributed to the certification's reputation among security professionals worldwide.

OSEP – Offensive Security Experienced Penetration Tester

The OSEP builds upon the foundations established by the OSCP and focuses on advanced offensive security techniques used in modern enterprise environments.

Topics include advanced exploitation, Active Directory attacks, bypassing defensive controls, lateral movement, and techniques commonly associated with sophisticated adversaries. The certification emphasizes realistic attack scenarios and complex environments rather than isolated technical challenges.

OSWP – Offensive Security Wireless Professional

The OSWP focuses specifically on wireless security assessments and attacks against wireless technologies.

The certification covers wireless authentication mechanisms, encryption technologies, attack techniques, and the practical assessment of wireless network security. It provides a strong foundation for evaluating enterprise Wi-Fi deployments and identifying weaknesses in wireless environments.

CRTO – Certified Red Team Operator

The CRTO certification, provided by Zero-Point Security, focuses on modern red teaming techniques within Active Directory environments.

Particular emphasis is placed on command-and-control infrastructure, operational tradecraft, privilege escalation, lateral movement, and realistic adversary simulation. The certification is highly regarded among offensive security professionals working in enterprise environments.

CARTP – Certified Azure Red Team Professional

The CARTP certification, provided by Altered Security, focuses on attack techniques targeting Microsoft Azure and hybrid identity environments.

It covers Azure Active Directory, cloud identity attacks, privilege escalation opportunities, and attack paths between on-premises and cloud-connected environments. As organizations increasingly adopt hybrid infrastructures, these skills have become an important component of modern security assessments.

Swiss Infrastructure and Confidential Data Exchange

Security assessments often involve highly sensitive information. Credentials, architecture diagrams, internal documentation, source code, assessment results, and remediation plans require the same level of protection that clients expect for their own environments.

For this reason, I have deliberately chosen to operate my technical infrastructure exclusively within Switzerland.

This includes:

  • Hosting infrastructure
  • Virtual servers
  • Email services
  • Data storage
  • Backups
  • Project documentation
  • Assessment reports

The exchange of sensitive project information is handled through a self-hosted platform running on dedicated Swiss infrastructure under my direct control. Access credentials, reports, technical documentation, and other confidential project artifacts are not stored on third-party file-sharing services or public cloud platforms.

This approach provides greater control over project data and ensures that sensitive information remains within a clearly defined and controlled environment throughout the duration of an engagement.

A Practical Approach to Security

Security assessments should ultimately answer one question: what actually matters?

Organizations are often presented with long lists of findings, technical jargon, and theoretical attack scenarios. While technical accuracy is important, security decisions are ultimately driven by risk, impact, and business priorities.

My approach focuses on identifying realistic attack paths, validating actual risks, and providing recommendations that can be implemented in practice. The objective is not to generate the largest possible number of findings, but to provide meaningful insight into the security of an environment and help prioritize the issues that deserve attention first.

Whether the assessment targets a web application, an Active Directory environment, corporate infrastructure, wireless networks, or social engineering resilience, the goal remains the same: deliver a clear understanding of the risks that matter and provide practical guidance for reducing them.

Contact: Let's Discuss Your Security Requirements

For inquiries or to schedule an appointment, please contact me at: info@pb-sec.ch

I strongly recommend not including confidential information in your initial contact email that could reveal details about your organization's internal structure. Detailed information regarding the project scope and conditions can be discussed in a personal conversation.