How do we start working with SecTepe?

All engagements start with a free initial conversation. You then receive an offer with a clear scope of effort, timeline and outcomes. On request we start with a small pilot to build trust and experience our delivery before moving into full implementation.

What company sizes and sectors do you support?

We work with small and mid-sized businesses as well as with corporate divisions and operators of critical infrastructure (KRITIS). Our core sectors are manufacturing, trades, healthcare, financial services, energy providers, public sector and the DACH mid-market.

Do you work on site, remotely or hybrid?

Both. Assessments, consulting and most managed services run remotely from our German data centres. For on-site work (workshops, training, incident response) we are primarily active in North Rhine-Westphalia, the Rhineland and the Ruhr area and extend our radius as needed.

Which standards and regulations do you cover?

We work to ISO 27001:2022, BSI IT-Grundschutz, TISAX, B3S KRITIS, NIS2, DORA and sector-specific requirements. Our methodology is grounded in recognised frameworks such as NIST CSF, MITRE ATT&CK, OWASP and OSSTMM, combined tailored to each project.

How do you protect the confidentiality of my data?

Confidentiality is anchored contractually and technically. Before every engagement we sign a mutual non-disclosure agreement, data is processed exclusively in German data centres, access is governed by zero-trust policies with multi-factor authentication, and all employees are contractually and GDPR-compliant bound to confidentiality.

SecTepe.Core

Enterprise Auth

Enterprise Authentication & eIDAS signatures

Enterprise-grade authentication and signatures – natively integrated into SecTepe.Core and fully EU-compliant.

Request a demo

What you get

WebAuthn / FIDO2
SAML 2.0 / OIDC SSO
Multi-factor authentication
eIDAS signatures
SCIM provisioning
Audit logs

Features at a glance

Enterprise authentication, identity provisioning and qualified signatures – out of the box.

FIDO2 Hardware Keys

Phishing-resistant authentication with YubiKey, Nitrokey and any WebAuthn-compliant device.

SAML 2.0 / OIDC SSO

Seamless integration with your existing IdP – Azure AD, Entra ID, Okta, Keycloak and more.

Adaptive MFA

Risk-based MFA triggered by context – location, device, user behaviour or admin action.

eIDAS Signatures

Qualified and advanced electronic signatures for policies, approvals and audit records.

SCIM Provisioning

Automated creation, updating and deactivation of users and groups via SCIM 2.0.

Session Management

Granular session policies, idle timeouts, forced logout and complete session audit trail.

Your benefits

Passwords alone are not enough. Zero-trust authentication, hardware-bound keys and qualified signatures secure your compliance platform against phishing, credential stuffing and insider risks.

Phishing-resistant thanks to FIDO2 and WebAuthn
Single sign-on for your entire workforce
Qualified signatures meeting EU eIDAS requirements
Automated joiner / mover / leaver via SCIM
Tamper-evident logs for every login and signature

Use cases

Zero-trust rollout

Migrate every admin and power user to phishing-resistant authentication.

Policy approvals

Sign policies and risk treatments with qualified signatures that withstand audits.

Enterprise IdP integration

Reuse existing identity infrastructure such as Entra ID or Keycloak with SAML/OIDC.

Privileged access

Step-up MFA for sensitive admin actions with complete audit trail.

Ready for enterprise authentication?

See in a personal demo how SecTepe.Core protects identities and delivers qualified signatures.

Request a demo Back to SecTepe.Core

How we work with you

We treat every engagement as a long-term partnership rather than a one-off delivery. Our approach is organised into four clear phases so that you always know what happens when, who owns which responsibility and which outcomes you can expect.

1. Free initial conversation

We learn about your starting position, your goals and the constraints you operate under. In 30 to 45 minutes we check whether our offering fits your situation, outline possible paths and answer your questions – no obligation attached.

2. Structured assessment

We capture the current state systematically – technically, organisationally and in regulatory terms. You receive a prioritised assessment that clearly names strengths, gaps and action areas and forms the basis for a robust offer.

3. Delivery with a dedicated lead

A senior lead guides you through the delivery with clear milestones, transparent effort and cost planning and a weekly status. All results are documented and remain fully owned by you.

4. Continuous operations & review

After project close, we stay alongside you in operations – via managed-service components, regular reviews, action tracking and proactive recommendations on new threats, regulatory changes or technology shifts.

Frequently asked questions about our services

The questions we are most often asked in first conversations – answered concisely. For anything else, our team is available at hello@sectepe.de or by phone at any time.

How do we start working with SecTepe?: All engagements start with a free initial conversation. You then receive an offer with a clear scope of effort, timeline and outcomes. On request we start with a small pilot to build trust and experience our delivery before moving into full implementation.
What company sizes and sectors do you support?: We work with small and mid-sized businesses as well as with corporate divisions and operators of critical infrastructure (KRITIS). Our core sectors are manufacturing, trades, healthcare, financial services, energy providers, public sector and the DACH mid-market.
Do you work on site, remotely or hybrid?: Both. Assessments, consulting and most managed services run remotely from our German data centres. For on-site work (workshops, training, incident response) we are primarily active in North Rhine-Westphalia, the Rhineland and the Ruhr area and extend our radius as needed.
Which standards and regulations do you cover?: We work to ISO 27001:2022, BSI IT-Grundschutz, TISAX, B3S KRITIS, NIS2, DORA and sector-specific requirements. Our methodology is grounded in recognised frameworks such as NIST CSF, MITRE ATT&CK, OWASP and OSSTMM, combined tailored to each project.
How do you protect the confidentiality of my data?: Confidentiality is anchored contractually and technically. Before every engagement we sign a mutual non-disclosure agreement, data is processed exclusively in German data centres, access is governed by zero-trust policies with multi-factor authentication, and all employees are contractually and GDPR-compliant bound to confidentiality.

Book a conversation