Training
Hands-on labs for engineers and security teams. Less slides. More operator workflows.
Web & API pentesting (Operator track)
What you learn
- Recon → hypothesis → exploit validation
- AuthZ testing (BOLA/IDOR) and business logic abuse
- SSRF, deserialization, token misuse patterns
Outputs
- Reusable test playbook + checklists
- Labs pack + tooling setup guide
- Reporting template and evidence workflow
Detection engineering (ATT&CK-driven)
Sigma/KQL
Build detections with test vectors.
Telemetry
Design logs you can actually use.
Tuning
Reduce noise, increase fidelity.
Threat modeling
Trust boundaries, data flows, and control mapping engineers can implement.
Outputs: backlog of mitigations tied to threats.
Engineering-ready: tasks that can ship.
Verification: how to validate fixes.
Secure SDLC
Controls tied to real vulnerability classes.
Incident readiness
Tabletops + technical verification for ransomware/cloud compromise scenarios.