About us

Founded in 2019, Iterasec is a cybersecurity service company providing penetration testing, security audits, application and cloud security, DevSecOps and security compliance services for tech and software engineering companies.

With a team of 20+ cybersecurity specialists, we are laser-focused on improving the security of various software and cloud products as well as helping development teams build more secure software.

Our clients range from small startups to global multinational companies, such as well-known automotive companies, cloud providers, Fortune 500 companies, etc.

Quick facts

4
years in business
50
pentesting projects annually (average)
21
specialists
3
clients ISO and SOC certified in 2023

Meet co-founders:

Igor Kantor

Igor Kantor

Co-founder, CEO

Igor has 16+ years of software engineering and application security experience, holding positions from software engineer to CTO, leading engineering process for several protection and cryptography products.

Prior to founding Iterasec, Igor had experience building Application penetration testing and security audit departments for several companies.

Having solid experience in both domains – software engineering and cybersecurity, Igor knows how to integrate them really efficiently with maximum practical output.

Vadym Soroka

Vadym Soroka

Co-founder, CTO

Vadym started in cybersecurity as an independent security researcher in the early 2000’s, has solid technical experience working as a penetration tester and a security engineer for different companies.

Participating in bug bounty and responsible disclosure programs, awarded by Facebook, Grab, GE Healthcare, AMEX and other.

Vadym knows how to break things and build security from a hacker’s perspective.

Our principles

About Us talent-recognition-1

Human-centric management

Cybersecurity is a very dynamic and complex area. Giving enough freedom, providing space for professional development and just simply taking good care of employees is essential to succeed as a cybersecurity company.
About Us research-1

Always look deeper

Typically our team finds juicier and more impactful/non-ordinary cybersecurity issues than other vendors. We try to focus on what’s essential and practical rather than just blindly ticking the checklist boxes.
About Us customer-service-1

Listen to your clients

Understand what the client really needs. Underpromise, overdelier. That’s a summary of our approach to dealing with clients.

Team

With lots of challenging projects, our team is constantly growing. We welcome both experienced specialists and also talented cybersecurity students.

See Open positions

Proffessional security certificates

Certificates some of our team members possess and well as frameworks/organisations we follow:

About Us logo-ceh About Us iso-27001-logo About Us osce-logo About Us owasp-logo About Us ewptx-logo About Us tisax-logo About Us 1_A0WW4lTBNN8ovWv9IQOnLA About Us 1_f9CO-HTghdvMLKweeAv0Aw About Us 1_Ra-KXCGe3Als-o2Q_IUm4g About Us certified-hybrid-multi-cloud-red-team-specialist-course About Us download About Us images About Us logo_cka_whitetext-300x293-1 About Us arte_certification

Information security statement

At Iterasec, we pay extra attention to information security and protecting our clients’ projects privacy. Here are the key security measures we employ:

Hardware security

  • Usage of corporate laptops only with standard security configurations (principle of least privilege, etc.)
  • Full disk encryption
  • Strong password and MFA policies
  • Anti-virus and anti-malware software
  • Acceptable use of assets policy

Software security

  • Usage only of the licensed software. The software has to be approved by the IT team
  • Usage of 2FA for the cloud services
  • Vulnerability management policy

Data protection

  • NDA with employees
  • Secure asset and access management
  • Strong E2EE tools (for IM, email, file storage and transfer)
  • Data classification policy, which defines how to handle Confidential and Strictly confidential info in terms of storage, sending it over the Internet, etc.
  • Regular security awareness training in the context of ISMS

 

Our company has implemented ISMS in accordance with the ISO 27001 standard.

For any information security issues or questions, please email us at [email protected]

Contacts

Please tell us what are you looking for and we will happily support you in that.

Feel free to use our contact form or contact us directly.