How well protected is your company against cyber attacks?

Codepurple analyzes your IT systems and applications for their security. A security review by our specialists can identify vulnerabilities and configuration mistakes before they become critical for your company.

Closed Bug Bounty

During the Closed Bug Bounty program, we examine IT systems in depth. With your permission, we search for bugs and security-related configuration errors. You only pay for vulnerabilities we find.

learn more


A security review examines all IT systems on a broad scale. As a result, you receive a detailed report of what was examined and where security vulnerabilities were found.

learn more

43% of cyberattacks target SMEs!

Source: Symantec


Would you like to get a first impression of your system? Our security scanner checks your system and detects possible vulnerabilities in an easy way.

Check your domain now.

Within minutes, our AI (artificial intelligence) determines a cybersecurity rating between A and F.

Do not reuse your password on different accounts.

Source: Codepurple


Sichere APIs?

APIs (Application Programming Interface) sind Schnittstellen, über welche Softwaresysteme untereinander kommunizieren können. Einige APIs sind öffentlich, wie zum Beispiel die der Wetterdienste. Bei anderen APIs geht es um persönliche Daten, so zum Beispiel beim E-Banking. APIs sind der Leim, welcher die digitale Welt zusammen hält, deshalb gilt es diese Schnittstellen besonders zu schützen und auf möglich Fehler zu prüfen.


Arten von Phishing-Angriffen

Phishing-Angriffe sind nach wie vor einer der Hauptangriffsvektoren im Cybersicherheitsbereich. Dabei gibt es verschiedene Arten von Phishing. In diesem Artikel gehen wir auf die Ziele und Arten von Phishing-Angriffen ein.


State of the Swiss web Q2 2022

Die letzten drei Monate standen bei uns eindeutig im Zeichen von API-Keys, Datenbankzugriffen und unserem internen Domänen-Scanner.


More articles

46% of web apps have critical vulnerabilities.

Source: Acunetix

Our mission

Codepurple stands for a hands-on approach to cybersecurity. It is our goal to find security vulnerabilities that pose a risk to your company before they are discovered and exploited by attackers. In doing so, we show the customer what risk the respective vulnerability represents and what measures can be taken to close it.

For the penetration tests, our experts rely on their many years of experience. Additionally, they are supported by an AI (artificial intelligence) developed by Codepurple, which allows to detect critical vulnerabilities efficiently and quickly.

Our team of well-trained specialists creates a synthesis of Red1 and Blue Team2, for this reason, our name Codepurple.


Thomas and David have been working together successfully for more than twenty years. In their professional life, they have already founded several companies and won over ten start-up competitions. The highlight was the Swiss Economy Award in the service category. All their projects have always been about web applications and digitalization. However, their passion is finding vulnerabilities and security holes in computer systems. Now, with Codepurple, they combine their experience from 20 years of web development with their passion for hacking.


Thomas Federer
Bachelor of Science in Computer Science
Email Icon LinkedIn Icon


David Peyer
Bachelor of Science in Computer Science
Email Icon LinkedIn Icon

Approximately 30,000 new websites are hacked every day.

Source: Forbes