HEALTHCARE CYBERSECURITY EXPERTS
Medical Device & Healthcare IT Security
From MDR-compliant device testing to hospital IT assessments and C5 cloud compliance. We secure the healthcare sector and deliver audit-ready evidence.
Our Team
Meet our qualified experts who combine academic research excellence with decades of practical cybersecurity experience, specializing in medical device security and compliance.

Dr. rer. nat. Simon Weber
Senior Penetration Tester & Security Researcher
PhD security researcher who found critical vulnerabilities in hospital systems and contributed to the B3S hospital security standard (BAK MV). Simon turns academic rigor into audit-ready results that protect real patients.

Dipl.-Inf. Volker Schönefeld
Senior Penetration Tester & Application Security Expert
20+ years as CTO. 50+ million app downloads. Teams up to 35 experts. IoT fleets with thousands of devices. Volker brings deep security expertise and makes complex compliance simple.
Our Achievements & Expertise
Medical Device Compliance
Expert penetration testing for SaMD and DiGA applications following industry standards
Academic Research
PhD-level research in hospital security and healthcare IT protection
Practical Experience
Extensive hands-on security testing and continuous professional development
25+ Years Combined
Extensive experience in cybersecurity, development, and regulatory compliance
Our Expertise
We specialize in cybersecurity for healthcare: medical devices, hospital infrastructure, and cloud compliance.
MDR Penetration Testing
Audit-ready security testing for MDR Class I, IIa & IIb medical devices and SaMD. We deliver the technical evidence Notified Bodies require for IEC 81001-5-1 compliance.
DICOM & PACS Security
The DICOM standard was built for connectivity, not security. We test PACS systems and medical imaging infrastructure against both protocol-level threats and MDR compliance requirements.
Secure Code Review
Source code analysis by experienced developers. We find security flaws and provide fixes that fit your architecture and accelerate secure releases.
Hospital IT Security
Independent IT security assessments for medical device software per §17 MPBetreibV. Standards-compliant testing that stands up in your medical device logbook and before regulatory authorities.
C5 Cloud Compliance
Your cloud provider's C5 attestation covers their infrastructure, not your application. We help healthcare organizations achieve their own C5 Type 2 attestation under §393 SGB V.
AI & LLM Security
Security assessments for AI-powered medical devices navigating the intersection of MDR and EU AI Act compliance. From prompt injection to model manipulation and data extraction.
Original Security Research
We don't just test: we find zero-day vulnerabilities in healthcare systems. Multiple security advisories targeting healthcare protocols and medical imaging systems are currently in coordinated disclosure.
What Our Clients Say
Trusted by leading companies for their security needs

“Machine Spirits helped uncover vulnerabilities in our platform early with a structured and in-depth pentest before we went through MDR certification. The clear reports and pragmatic communication helped us quickly close security gaps and efficiently update our documentation.”
“As a security partner for our DiGA, Machine Spirits impressed us with their in-depth pentests. Their competent TR-03161 consulting and clear recommendations were crucial in meeting the demanding BSI requirements quickly and securely.”

“Very pleasant collaboration with Volker and Simon from Machinespirits. Both are extremely professional and very flexible. We would be happy to continue working with Machinespirits in the future.”
Contact Us
Ready to secure your digital assets? Our team of cybersecurity experts is here to help.
Phone
+49 221 65031192
Response Time
We typically respond to all inquiries within 24 hours during business days.
Average response time: 6-12 hours
