About NotSoSecure

We are a specialist IT security company providing high-end IT security consultancy and training. With over a decade of experience in this field, our consultants are regarded as industry leaders. Our research, white papers, tools, etc. are highly rated in the IT security community. We regularly feature as speakers and trainers at the world's leading events, such as Black Hat, OWASP AppSec events, HITB, BruCON, etc.

Our consultants hold all major certifications including:

  • CREST Certified Web Application Tester
  • CREST Certified Infrastructure Tester

It is our ten-plus years of experience in penetration testing and IT security, the depth of our knowledge and expertise, and our tailor-made approach to each engagement that set us apart.


    Penetration Testing:

    "A penetration test, occasionally pentest, is a method of evaluating computer and network security by simulating an attack on a computer system or network from external and internal threats. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities"

    Within penetration testing we offer the following services:

    • Application Pentest (white-box, grey-box and black-box)
      • A web application security review identifies vulnerabilities inherent in the code of a web application itself, regardless of the technology in which it is implemented, or the security of the web server or back end database on which it is built. Specifically, it analyses the critical components of a web-based portal, e-commerce application, or web services platform. Using our detailed methodology, and a combination of manual techniques and proprietary and commercial tools, this type of assessment pinpoints specific vulnerabilities and identifies underlying problems in the web application.
    • External Infrastructure Pentest
      • Externally facing systems are constantly at risk of attack from the Internet. Newly developed applications, web sites and servers should all be tested before they are made publicly accessible, to ensure the security of the network as a whole. With our years of experience in carrying out penetration tests against externally facing network devices, servers and web applications developed on all platforms, we can assure you of a high level of security after a review has been completed.


    NotSoSecure Trainings have gained immense popularity in recent times. We currently offer the following trainings:

    Our training courses are available in the following countries (delivered by us, managed by our partner companies):


    Events in 2015

    Catch us at the following events:

    We are in the process of confirming events for 2015. If you would like us to speak or run a training class at your event, please get in touch.


    Feeling NotSoSecure? Drop us a line and we will be in touch


    NotSoSecure Ltd

    9, Old Forge Way, Sawston, CB22 3BZ
    United Kingdom
    Work +44 1223 515930