About

Our company mission

We are a boutique firm with over seven years of experience in the field, specializing in Information Security consulting, working as your virtual CISO or Head of Information Security. We are committed to delivering excellent work through continuous self improvement.

Our customers

To date, we helped several prestigious startups achieve challenging Information Security goals, starting from scratch. Many of them have been acquired by much larger firms or received large capital investments, their security maturity playing an important role in the process.

Here are a few examples:

  • Flow Commerce – managed their Level 1 PCI compliance program since day 1. They were recently acquired by Global-E, a world leading e-commerce platform
  • Touchpeak Software – managed their Level 1 PCI compliance program; they were acquired by Shiji Group, a global payment solution provider
  • Regalii – rebranded as Arcus FI – managed their Level 1 PCI and SOC compliance programs; after they got acquired by MasterCard we helped with their integration within the MasterCard family
  • Paxos – a regulated blockchain infrastructure platform – we provided security engineering services
  • WrapBook – an innovative payroll provider for the entertainment industry – we helped them get their SOC certification during the pandemic
  • Apprentice – we jumpstarted their Information Security program, while being excited about their contribution to the Covid vaccine development

Our team

We are a seasoned team of CISSP certified security consultants with vast experience in several industries, such as financial, healthcare and e-commerce. We can tackle an extensive array of topics – from high level policies and standards all the way down to the technology bits and bytes.

Our services

Here are some of the services we provide. We can design a customized set according to your needs:

  • Governance – we write or review your high level security policies, capturing your way of doing business
  • Network and systems security – we implement standards and tools to configure, harden and monitor your networks and systems security posture
  • Application security – we perform architecture and code reviews to highlight potential security and compliance issues
  • Devops – through our trusted partners
  • Training – we train your personnel on security topics via a customized set of CBTs
  • We manage your security audits and facilitate remediation work
  • We act as your trusted adviser and help you focus on growing your business