The Lab

What's cooking

Some of the most interesting security work happens when nobody's waiting on a deliverable. This is where we take the problems we can't stop picking at and build toward real answers. The clients don't drive it. The investor deck doesn't exist. Just the problem, the experience to go after it properly, and enough obsession to actually see it through. Some of what comes out of here becomes a tool you can use. All of it feeds back into how we work.

On the bench

Active build

Web Attack Surface Monitor

Traditional scanners make you choose between coverage and signal quality. High volume means a false positive pile that takes longer to triage than it’s worth. We’re building something that can run at scale and actually hand you results you can use.

On the bench

Active research

AI-Directed Pentesting

Frontier models are getting genuinely capable at offensive security tasks, and fast. We’re running them through real test scenarios to understand what they can actually do, where they still need a human making decisions, and what the trajectory means for how security testing works. Active research, not a packaged service.

More to come on each of these — check back as they take shape.

Working on a security problem that doesn't fit a standard engagement? That's usually the most interesting conversation we have. Bring it. We won't take everything on, but you'll get a straight answer either way.

Tell us what you're solving