In 2019 we founded Iterasec with a vision to provide a unique blend of cybersecurity and software engineering expertise, which helps us address product security from a much broader perspective: from selecting the right engineering vendor and assembling security capable teams, to the final security tests from a hacker’s perspective.
At the moment we are a boutique-style company fully focused on application security and secure engineering processes.
Igor has 13+ years of software engineering and application security experience, holding positions from software engineer to CTO, leading engineering process for several protection and cryptography products.
Prior to founding Iterasec, Igor had experience building Application penetration testing and security audit departments for several companies.
Having solid experience in both domains – software engineering and cybersecurity, Igor knows how to integrate them really efficiently with maximum practical output.
Vadym started in cybersecurity as an independent security researcher in the early 2000’s, has solid technical experience working as a penetration tester and a security engineer for different companies.
Participating in bug bounty and responsible disclosure programs, awarded by Facebook, Grab, GE Healthcare, AMEX and other.
Vadym knows how to break things and build security from a hacker’s perspective.
Proffessional security certificates
Certificates some of our team members possess and well as frameworks/organisations we follow:
Information security statement
At Iterasec, we pay extra attention to information security and protecting our clients’ projects privacy. Here are the key security measures we employ:
- Usage of corporate laptops only with standard security configurations (principle of least privilege, etc.)
- Full disk encryption
- Strong password policies
- Anti-virus software
- Acceptable use of assets policy
- Usage only of the licensed software. The software has to be approved by the IT team
- Usage of 2FA for the cloud services
- Vulnerability management policy
- NDA with employees
- Strong E2EE tools (for IM, email, file storage and transfer)
- Data classification policy, which defines how to handle Confidential and Strictly confidential info in terms of storage, sending it over the Internet, etc.
- Regular security awareness training in the context of ISMS
Further, our company currently implements ISMS in accordance with ISO 27001 standard.
For any information security issues or questions please email us at email@example.com