Penetration Testing

Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.

  • Security Research as a Service
  • Red Teaming and Attacker Emulation
  • Web Application and API
  • External, Internal, and Wireless Networks
  • Host and SOE
  • Cloud Environments
  • Mobile Applications
  • Bespoke Systems and Applications

Security Review

Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.

  • Network Architecture Review
  • Application Architecture Review
  • Source Code Review
  • DevOps Review
  • General Security Consultancy

Incident Response

For when things go wrong, our experienced and qualified team will help with getting you back on track.

  • Incident Response Preparedness
  • Incident Management and Leadership
  • Forensic Investigations (GIAC Certified Forensic Analysts)
  • Malware Analysis

Featured Releases

HTTP Really Isn't That Simple (and by extension Neither Is Your Outbound Web Filtering, Actually)

This article takes a close look at what stands in the way of filtering outbound HTTP to the wider web in a restricted server environment, shows how to evade typical filtering configuration using a relative of domain fronting, and presents some ideas for ways to plug this gap.


Making Mutual TLS Easier

TLS is good, arguably necessary, but managing PKI makes me feel bad. Is there no other way? This article will show how you can reap the benefits of mutual TLS quickly and easily without the mire of PKI.


Airtable Formula Injection

This article discusses Airtable Formula injection, a vulnerability that occurs when untrusted input is included in an Airtable formula. We’ll cover the vulnerability fundamentals, detection, exploitation and some thoughts on remediation.

Get in touch

How can we help?

+64 4 889 4756