Certified IT security solution: Made in Germany

Certifications and Processes

As a German manufacturer of IT security solutions, Myra operates a security-as-a-service platform to protect banks, insurance companies, public authorities and large corporations. These sensitive and in some cases critical infrastructures (KRITIS) are subject to strict requirements. As a result, we are regularly audited and certified. We work to the highest quality standards.

Request a Demo

Myra Security meets all BSI performance requirements

By selecting a DDoS protection provider that has been KRITIS-qualified by the German Federal Office for Information Security (BSI), organizations gain access to world-class defense technology and expertise. These providers are characterized by their ability to reliably protect critical infrastructure from malicious traffic around the clock and to flexibly adapt to new threat scenarios.

Myra was the first protection provider to meet all 37 BSI criteria. Today, we are still one of the few service providers on the market that fully meets these requirements.

Download report

ISO 27001 based on IT-Grundschutz

The certificate (number: BSI-IGZ-0667-2024) confirms that Myra Security's Information Security Management System (ISMS) ensures the confidentiality, availability and integrity of all information through appropriate technical and organizational measures.

The BSI has defined countermeasures for typical threats to corporate IT. The successful certification proves that Myra Security has successfully implemented all comprehensive protection measures.

Only about 150 companies worldwide meet the requirements of ISO 27001 based on IT-Grundschutz.

Learn more

BSI C5 Type 2

With the C5 attestation, Myra demonstrates that our cloud services meet the information security requirements of the BSI Cloud Computing Compliance Criteria Catalogue (BSI C5). The C5 audit looks at the service provider in great detail, including cyber security, compliance, data protection, personnel requirements, physical security, procurement and development. In addition, C5 summarizes globally established standards to create a comprehensive catalog of measures for information security and transparency.

Myra's Type 2 attestation proves that the protection systems were appropriate and effective both at the time of the audit and over the entire audit period of twelve months. Myra customers can therefore rest assured that all processes and systems are optimally protected to ensure integrity, confidentiality and availability.

KRITIS operator according to § 8a para. 3 BSIG

KRITIS operators meet the strict legal requirements for the IT security of critical infrastructures. A KRITIS attestation is particularly relevant for companies that are active in sensitive areas of public supply or work with them.

The following aspects, among others, are examined as part of a KRITIS attestation in accordance with Section 8a (3) BSIG: Adequacy of IT security measures, compliance with the state of the art, implementation of technical protection measures for IT and OT infrastructure, existence of systems for attack detection (e.g. SIEM, SOC), training and awareness of employees and much more.

PCI-DSS (Payment Card Industry Data Security Standard)

Working with a PCI DSS-compliant service provider is particularly relevant for companies that handle credit card data. This certification, developed by leading credit card companies, confirms that the provider has implemented strict security measures to protect sensitive financial data.

Among other things, PCI DSS defines requirements for setting up and maintaining secure networks and systems, installing and maintaining firewalls, encrypting cardholder data and more. Myra is a PCI DSS Level 1 certified service provider – the highest level of certification available.

IDW PS 951 Type 2

With the successful audit in accordance with IDW PS 951 Type 2 (international: ISAE 3402), we demonstrate the qualitative implementation of an internal control system (ICS) for our clients. Myra thus fulfills all regulatory requirements associated with the audit standard. These include the areas of information security, compliance, business continuity, patch management, alarm & monitoring and physical security.

The practical audit consists of employee surveys, inspections of documentation and reports and observations of internal processes. As part of the more extensive type 2 audit, auditors check the appropriateness, implementation and effectiveness of the Myra ICS over a period of nine months. This gives our customers the opportunity to use the audit standard as part of their annual audit.

Trusted Cloud

Myra is the first port of call for certified IT security. That is why Myra is listed with Trusted Cloud. The platform awards the seal of approval exclusively to verified providers and services that impress with their transparency, care and quality.

The Trusted Cloud label is awarded by the Trusted Cloud e. V. competence network, which emerged in mid-2015 from the technology program of the same name run by the German Federal Ministry for Economic Affairs and Energy (BMWi). The association's platform serves companies as a user-oriented information point and decision-making aid for selecting trustworthy and tested providers and services.

Myra fully meets the requirements for transparency, IT security, data protection and legal security associated with the Trusted Cloud Label. These are also based on the General Data Protection Regulation (GDPR), which provides a strict set of rules for the secure processing of sensitive information.

In addition to protecting digital processes, we are actively committed to the environment. Wherever possible, Myra has been compensating for CO2 emissions through certified climate protection projects for many years.

Our Contribution to Climate Protection

Myra is committed to protecting our climate in collaboration with ClimatePartner. Our climate protection strategy is based on the greenhouse gas balance: this involves identifying the sources of CO2 within a company and then deriving potential reductions. We compensate for unavoidable emissions by supporting recognized climate protection projects.