Evidence-first security assessments for critical systems

Security assessments your engineers can fix from.

We test the assets you name, document exact reproduction steps, and return a prioritized fix list with retest notes. The output is built for engineering teams, not procurement decks.

You get

  • Evidence-rich findings tied to assets, endpoints, and roles
  • Prioritized remediation guidance with fast wins and longer-term fixes
  • Retest results that confirm what closed and what still needs work

Representative finding format, sanitized for public sharing.

Title: Authorization bypass via token reuse
Severity: High
Affected surface: order-read API endpoints
Impact: Cross-tenant order data exposure.
Evidence:
  1) Replay a valid token across a tenant boundary.
  2) Observe order data returned for another tenant.
Fix guidance: Bind tokens to tenant context and verify tenant_id on every read.
Retest: Confirm closure after fix deployment.
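The fix guidance above, shown as an added example (not the page's own code): a vulnerable order-read handler beside one that verifies the token's tenant on every read, plus the retest check that distinguishes them. Token claim names, the order store and the handler names are assumptions constructed for illustration.

```python
# Added example, not code from the page: the tenancy check the finding's
# fix guidance describes. Claim names, order store and handlers are assumed.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class TokenClaims:
    subject: str
    tenant_id: str  # tenant the token was issued for (the "binding")


@dataclass(frozen=True)
class Order:
    order_id: str
    tenant_id: str
    total_cents: int


# Constructed sample data: two tenants, one order each.
ORDERS = {
    "ord-100": Order("ord-100", "tenant-a", 4_999),
    "ord-200": Order("ord-200", "tenant-b", 12_500),
}


def read_order_vulnerable(claims: TokenClaims, order_id: str) -> Optional[Order]:
    """Before: the token is valid, so the order is returned. The tenant
    boundary is never checked, so a tenant-a token reads tenant-b's order."""
    return ORDERS.get(order_id)


class Forbidden(Exception):
    """Raised when the caller's tenant does not own the requested object."""


def read_order_fixed(claims: TokenClaims, order_id: str) -> Order:
    """After: verify ownership against the token's tenant on every read.
    A miss and a cross-tenant hit look the same to the caller, so order ids
    cannot be used to probe other tenants."""
    order = ORDERS.get(order_id)
    if order is None or order.tenant_id != claims.tenant_id:
        raise Forbidden(f"order {order_id} not readable by tenant {claims.tenant_id}")
    return order


def cross_tenant_read_blocked(handler, caller_tenant: str, order_id: str) -> bool:
    """Retest helper: True if the handler refuses a read across the tenant boundary."""
    claims = TokenClaims(subject="user-1", tenant_id=caller_tenant)
    try:
        result = handler(claims, order_id)
    except Forbidden:
        return True
    return result is None or result.tenant_id == caller_tenant
```

The retest helper is the kind of regression check that belongs in the service's own test suite so the finding stays closed after later changes.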

Sample output

What your team receives at the end of an engagement.

When client identifiers cannot be shared publicly, we still show the structure of the work product: scoped findings, affected surfaces, fix guidance, and retest status.

  • Web application assessment

    Best for authenticated flows, admin boundaries, and business-logic abuse paths.

    Output: affected routes, reproduction steps, fix notes, and retest status per finding.

  • API authorization review

    Best for token handling, tenancy enforcement, and object-level access controls.

    Output: endpoint-by-endpoint findings, abuse cases, and recommended guardrails.

  • Cloud and IAM review

    Best for trust boundaries, privilege paths, and mis-scoped operational roles.

    Output: escalation paths, least-privilege changes, and validation notes after policy updates.

Representative finding excerpt

Title: Overly broad IAM trust policy
Severity: High
Affected surface: deployment role in shared build account
Impact: Role assumption outside the intended trust boundary.
Evidence:
  1) Enumerate assumable principals in the trust policy.
  2) Use the allowed path to attach elevated permissions.
Fix guidance: Constrain trusted principals and add a permission boundary.
Retest: Validate trust policy changes before production rollout.
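As an added example (not the page's or any client's policy), a check for the kind of over-broad trust this finding describes, run over a constructed "as found" policy and its constrained replacement. The AWS trust-policy structure is real; account ids, role names and the external id are placeholders, and the permission boundary from the fix guidance is a separate control on the role and is not checked here.

```python
# Added example, not code from the page: flags trust-policy statements that
# admit more principals than intended. Account ids and names are placeholders.
import json


def _as_list(value):
    return value if isinstance(value, list) else [value]


def trust_policy_issues(policy: dict, expected_account: str) -> list:
    """Return the reasons a role trust policy is broader than intended:
    wildcard principals, principals from other accounts, whole-account roots
    (any identity in that account can assume the role), and statements with
    no Condition narrowing the caller."""
    issues = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in _as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            issues.append("wildcard principal: any AWS principal can assume the role")
            continue
        for arn in _as_list(principal.get("AWS", [])):
            if arn == "*":
                issues.append("wildcard AWS principal")
                continue
            if ":root" in arn:
                issues.append(f"account-root principal {arn}: every identity in that account qualifies")
            if expected_account not in arn:
                issues.append(f"principal outside the expected account: {arn}")
        if "Condition" not in stmt:
            issues.append("no Condition restricting the caller (e.g. sts:ExternalId)")
    return issues


# Constructed samples: the policy as found, and the constrained replacement.
BROAD_TRUST = json.loads('''{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                 "Principal": {"AWS": ["arn:aws:iam::111111111111:root",
                                       "arn:aws:iam::222222222222:role/ci-runner"]}}]
}''')

CONSTRAINED_TRUST = json.loads('''{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                 "Principal": {"AWS": "arn:aws:iam::111111111111:role/ci-runner"},
                 "Condition": {"StringEquals": {"sts:ExternalId": "EXAMPLE-EXTERNAL-ID"}}}]
}''')
```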

Services

Service menu, scoped to your assets.

Pick a scope. We confirm access, test manually where it matters, and ship a report your engineers can act on immediately.

Web/App Assessment

Scope

  • Public and authenticated web flows
  • Critical business logic and role boundaries

Deliverables

  • Findings with reproduction steps and evidence
  • Prioritized fix list mapped to routes and workflows
  • Retest results after fixes land

Typical timeline: 1 to 2 weeks once access is ready.

API Authorization Review

Scope

  • Authentication and authorization flows
  • Object-level access checks and tenancy controls

Deliverables

  • Endpoint-by-endpoint access findings
  • Minimal abuse-case reproductions
  • Recommended guardrails and regression tests

Typical timeline: 5 to 10 days depending on surface area.

Cloud/IAM Review

Scope

  • IAM roles, policies, and trust boundaries
  • Privileged paths and key data stores

Deliverables

  • Privilege escalation paths with evidence
  • Least-privilege remediation plan
  • Retest notes after policy changes

Typical timeline: 1 to 2 weeks after read-only access is ready.

Retest and Validation

Scope

  • Verification of agreed remediation work
  • Evidence updates for tickets, audits, and release gates

Deliverables

  • Updated finding status and evidence
  • Notes on partial or failed remediation

Typical timeline: 2 to 5 days per retest window.

How it works

Clear steps, clear outputs.

Short engagements with explicit access rules, concrete deliverables, and a retest path.

Process

  1. Scope call and target confirmation
  2. Rules of engagement and access checklist
  3. Assessment with manual testing and targeted automation
  4. Report delivery and engineering walkthrough
  5. Retest and updated evidence pack

Deliverables checklist

  • Executive summary for engineering leadership
  • Technical findings with evidence and reproduction steps
  • Prioritized remediation plan
  • Retest notes and updated status

What we do

  • Manual testing where it changes the outcome
  • Evidence tied to exact assets, routes, and roles
  • Retest after fixes land

What we do not do

  • Scan-only deliverables passed off as assessment work
  • Unapproved production testing outside the agreed scope
  • Keeping customer data longer than the delivery window requires

Start a scope request

Send the scoping template below with the exact assets, access model, and timing constraints. We respond with required access, rules of engagement, and a proposed assessment window.

Security disclosures should use the contact details published in security.txt.

Scope template

Subject: CLI assessment request -- [company] -- [timeframe]
Body:
1) What to test (app/api/cloud):
2) Number of apps/APIs/accounts:
3) Time window:
4) Access model (staging, production, VPN, IP allowlist):
5) Constraints (NDA, maintenance windows, test-user setup):