We enhance the paradigm of consultancy and offer on-demand,
granular and transparent, highly scalable and cost-effective consultancy services.
Experience and accreditations
With more than 20 years of total experience in cybersecurity and testing, our experts hold the following certifications:
Compliance and information security:
- Certified Information Systems Auditor (CISA)
- Cisco Certified Network Associate (CCNA)
- ISO 27001 Lead Implementor
- AWS Cloud Practitioner
- ISTQB Advanced Level Test Manager (CTAL-TM)
- ISTQB Advanced Level Technical Test Analyst (CTAL-TTA)
- ISTQB Foundation Level
- Offensive Security Experienced Penetration Tester (OSEP)
- Offensive Security Certified Professional (OSCP)
- Certified Red Team Expert (CRTE)
- Certified Ethical Hacker (CEH)
The most important factor that drives test automation is the short development cycle. Agile teams have only a few weeks to get a grasp of the requirement, make the code changes, and test the changes.…
In a management assessment the emphasis is mainly on leadership qualities. In this assessment the focus was on issues like independence, delegating and communication.
The new development and testing strategy implementation in the financial project
Building Test Architecture and Test Strategy in CRM project
The adversary simulation activity allowed the security team to demonstrate a complete compromise path while not using any usual, “exploitable” vulnerabilities. Instead, the attackers relied on human factor, weak password policies and password reuse, service…
This case is a very good example why manual penetration tests are valuable – the team achieved compromise without administrator access to the application, not using any known exploits or discovering injection/deserialization/other RCE flaws. The…
Penetration test: complete compromise of the transaction processing API, which allowed to initiate unsolicited payments on behalf of other registered customers.
Social engineering: it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise infrastructure.