- Penetration Testing
- RedTeam / Cyber Crime Simulation
- Web & Mobile Application Security
- Infrastructure Security
- Consulting & Training
- Everything Else
Reactive to requirements, get in-touch.
Red-team / Cyber Crime Simulation
Real Attacks, not security validation or identification but execution and compromise.
Web & Mobile Security
You have a website and you need to make sure it's your website and not some hax0rs side project.
From 2013-2015 I was the primary consultant for web application security within a large investment bank, my role consisted of all security related deliverable's from deploying the systems securely, installing and configuring the stack securely and penetration testing the application plus more.
Prior to this I was a CHECK Team Leader in Web Application Security (CTL by way of Tiger SST Web) I would perform security assessments on anything facing the internet and internal networks, for retail, finance,government, medical, aviation and more
in addition I have also many notable mentions form large companies by way of bug hunting such as
Additionally performed many mobile application security reviews, while working at the bank tirelessly pushing for the best configurations (and getting it) and prior to the bank working with a varying mix of clients and mobile devices ... predominantly IOS and Android platforms and less so Windows mobile applications and Blackberry.
My Network penetration testing is on a par with my web application security, it's something I really enjoy and the challenge of such dynamic environments I have been lucky to have a broad range of clients and platforms to enhance through exposure and verifying through validation.
Assistance in Investigations, Internal and external.
Vulnerability Scanning speeds up the identification of many issues in configurations, Vulnerability scans can be performed on almost ever part of your critical infrastructure from networks,servers,desktops and more.
Consulting & Training
Education and security awareness are not always worthwhile delivering to everyone, but delivering to core people in pivotal positions, security guidance will be heard where ever those influential team members can be heard. we can be specific, we can be broad.
The Training can be a great way for in-house security functions to keep their mind sharp, they may not always understand how an issue works but there is an issue that exists, filling in the gaps and delivering hands on interactive training is fun and highly rewarding for knowledge sharing within teams and personal development of staff, this usually allows for greater confidence in risk scoring, accepting or actioning other avenues.
We haven't spoken about WiFi Security, Social Engineering, Code Review, Cyber Intelligence, Incident Response, Forensic analysis and other niche attacks and defences ... we can... but you will have to get in-touch.