Evaluating software architectures against security risk rules and generating mitigation advice in an agile fashion.
Attacking web application, backends, APIs, and mobile apps in order to find vulnerabilities before others do.
Checking the security and hardening of your cloud infrastructure and services against best-practices.
Security review of your container orchestration platform (Kubernetes) as part of a defense-in-depth approach.
Security review of software architectures and system designs, defining a roadmap for improvement and hardening.
Identification and mapping of the public attack surface using reconnaissance, scanning, and OSINT techniques.
Security review of your Software Development Lifecycle Process (SDLC) as part of a defense-in-depth approach.
Security analysis of software via manual and semi-automated sourcecode audits with individual triage and risk report.
Low-volume newsletter to announce new trainings, services & public conference talks (about six mails per year):