We help organisations to become more secure by using the same techniques as criminal hackers to breach them, and then working with them over the long term to put right the problems we find.
While risk assessments are useful, they give a broad but uncertain view of security.
We help by supplementing this broad view with a narrow but certain one, describing vulnerabilities that we can prove exist and have impact.
We give our clients clear, actionable, objective information about their security.
Then, we help clients to use this information to create transformative improvement: not just to tick a compliance checkbox.
“[The Tradecraft adversary simulation] was performed to an incredibly high standard and we were very pleased with the way in which it was run, along with the output presented to us; a detailed rundown of vulnerabilities with a clear understanding of how to prioritise them, presented in a clear and actionable manner.”
“Tradecraft were incredibly fast in identifying a vulnerability that a generation of previous security experts, consultants and companies had completely failed to spot. They provided a mature, confidence-inspiring summary of the situation, including options to fix, and worked sensitively alongside our team in making sure that change was carried out well.”
“Previous tests have resulted in long lists of minor items that may or may not have a tangible impact on our information security. It's near-impossible for our team to prioritise which items on the list to address. Tradecraft's approach helped us to arrive at a far shorter list of items representing realistic attack scenarios. Tradecraft picked up on issues missed by numerous previous testers.”
Good security design is often counter-intuitive, and we're here to help organisations that want to challenge the status quo, complementing traditional approaches with new ones. Our principles of secure design are different, and our values guide everything we do.