carmasec: security. done. right. ::: trusted advisory and consultancy for security automation, devsecops, cybersecurity

Service fields

Offensive Security

Using a proactive attack-simulated approach, our experts check the usability of IT systems and the implementation of security measures in your company.

Cloud Security

We support you in implementing security measures for your data in the cloud.

Information Security Management

We help you set up your information security management system (ISMS).

DevSecOps / Agile Security

We support you in setting up a DevSecOps organisation and integrate security into your CI/CD pipelines.

Identity & Access Management

We support you in the implementation of identity and access management, independent of the provider.

Risk Management

We help establish processes and structures for your risk management.

Security Awareness

We sensitise your employees through awareness training and campaigns

Data Privacy / GDPR

We advise you on the management of personal data in the context of the GDPR.

Our Management Team

Carsten Marmulla Geschäftsführer der carmasec

Carten Marmulla

Managing Partner &
Senior Trusted Advisor

Jan Sudmeyer

Managing Partner &
Senior Trusted Advisor

Timm Börgers

Managing Partner &
Senior Trusted Advisor

Introducing ourselves

carmasec is a cybersecurity consulting boutique, founded in Germany in 2018. As a “trusted advisor” in the field of cyber resilience, we provide professional consulting services and solutions to our national and international clients. Our expertise lies in the areas of cloud security, information security, DevSecOps, identity & access management, risk management, security architecture, security awareness, security automation and data protection.

Our team of experts with many years of relevant consulting experience has successfully implemented more than 100 customer projects in the telecommunications, logistics, financial services, healthcare and energy sectors.

Our association memberships and networks

EuroCloud Native

EuroCloud Native (ECN) is a specialist forum aimed at providers of public cloud-based solutions and services and is the point of contact for media issues.

TeleTrusT – Bundesverband IT-Sicherheit e.V.

The Bundesverband IT-Sicherheit e.V. (TeleTrusT) is a competence network with members from industry, administration, and science.

BVMW – Bundesverband der mittelständischen Wirtschaft e.V.

The BVMW is the largest, politically independent, and cross-sectoral association of German SMEs.

BISG – Bundesfachverband der IT-Sachverständigen und Gutachter e.V.

The Federal Association of IT Experts and Consultants (BISG e.V.) is a lobbyist, mediator and service provider.

eco – Verband der Internetwirtschaft e.V.

With more than 1,100 members, eco is the largest Internet industry association in Germany and Europe, helping to shape the Internet.

Cyber Security Cluster Bonn e.V.

The cluster combines business, politics, and research competencies to create innovative IT security solutions.

Button Teilnehmer der Allianz für Cyber-Sicherheit

Allianz für Cybersicherheit e.V.

The Alliance for Cyber Security, founded in 2012, aims to strengthen resilience against cyber attacks.

networker NRW e.V.

The networker NRW is a network of personal contacts in the IT industry and bundles the competence of 190 members.

ZENIT Netzwerk e.V.

The ZENIT Network, founded in 1984, is a forum of entrepreneurs for entrepreneurs. The goal is to create cross-border networking.

EuroCloud e.V.

EuroCloud Deutschland_eco e. V. is the association of the cloud computing industry and promotes the provision of cloud services.

CPS.HUB

The Competence Center for Cyber Physical Systems is an innovation driver in CPS enabling technologies for research, development and industry.