Attacking web applications, backends, APIs, and mobile apps in order to find vulnerabilities before others do.
Checking the security and hardening of your cloud infrastructure and services against best-practices.
Security review of your container orchestration platform (Kubernetes) as part of a defense-in-depth approach.
Identification and mapping of the public attack surface using reconnaissance, scanning, and OSINT techniques.
Security review of your Software Development Lifecycle Process (SDLC) as part of a defense-in-depth approach.
Security analysis of software via manual and semi-automated sourcecode audits with individual triage and risk report.
Low-volume newsletter to announce new trainings, services, and conference talks (about six mails per year)