In 2019 we founded Iterasec with a vision to support tech and engineering companies with holistic security services: addressing software/product security, organisational security and compliance.
We want our clients to focus on their business and growth, while we aim to take care of security, which nowadays is quite a complicated topic requiring multidisciplinary and costly staff. We believe that doing it as a service is better for many SMEs.
Why we stand out:
- Practical attacker-minded and resilience-oriented security approach
- We understand engineers and product development: we know how to prioritize security and how to efficiently train engineers
- Excellent delivery management: on time, clear communication, proactive. Underpromise, overdeliver.
At the moment we are a boutique-style company of 10+ people and successfully completed over 100 projects in different domains: automotive, fintech, software engineering.
Igor has 13+ years of software engineering and application security experience, holding positions from software engineer to CTO, leading engineering process for several protection and cryptography products.
Prior to founding Iterasec, Igor had experience building Application penetration testing and security audit departments for several companies.
Having solid experience in both domains – software engineering and cybersecurity, Igor knows how to integrate them really efficiently with maximum practical output.
Vadym started in cybersecurity as an independent security researcher in the early 2000’s, has solid technical experience working as a penetration tester and a security engineer for different companies.
Participating in bug bounty and responsible disclosure programs, awarded by Facebook, Grab, GE Healthcare, AMEX and other.
Vadym knows how to break things and build security from a hacker’s perspective.
Proffessional security certificates
Certificates some of our team members possess and well as frameworks/organisations we follow:
Information security statement
At Iterasec, we pay extra attention to information security and protecting our clients’ projects privacy. Here are the key security measures we employ:
- Usage of corporate laptops only with standard security configurations (principle of least privilege, etc.)
- Full disk encryption
- Strong password policies
- Anti-virus software
- Acceptable use of assets policy
- Usage only of the licensed software. The software has to be approved by the IT team
- Usage of 2FA for the cloud services
- Vulnerability management policy
- NDA with employees
- Strong E2EE tools (for IM, email, file storage and transfer)
- Data classification policy, which defines how to handle Confidential and Strictly confidential info in terms of storage, sending it over the Internet, etc.
- Regular security awareness training in the context of ISMS
Further, our company currently implements ISMS in accordance with ISO 27001 standard.
For any information security issues or questions please email us at firstname.lastname@example.org