Security Research
For over 25 years, we have built a global reputation for deep, original security research at the highest technical level. We’ve reported numerous vulnerabilities across a wide range of platforms. Vendors including Adobe, Apple, Avast, EMC, F-Secure, Hewlett-Packard, Microsoft, Oracle, RSA, and VMware have publicly acknowledged our contributions to the cybersecurity of their users.
Innovating in vulnerability research
Our public research focuses on discovering software vulnerabilities and responsibly disclosing them to vendors. Among our contributions are the discovery and formalization of two novel attack classes: Session Fixation and Binary Planting. Beyond identifying new vulnerabilities, we conduct in-depth analyses of known issues - uncovering previously undocumented attack vectors, edge-case exploit paths, and variant scenarios that evade conventional detection and mitigation.
Recognized by leading tech companies
Our work has been recognized on security acknowledgment pages of leading tech companies such as Mozilla and Google, and our name can be found in multiple Microsoft security advisories.
Microsoft's Bug Bounty Program
Mozilla's Bug Bounty Program
Google’s Bug Bounty Program
Avast’s Bug Bounty Program
Patching what’s really important
A key outcome of our long-term research and development is 0patch — a commercial-grade micropatching platform that delivers targeted, efficient security fixes without the need for risky traditional patch deployment. Designed for precision and minimal disruption, it offers an effective alternative for addressing vulnerabilities in complex and legacy systems.
Explore other services
Decades of research. Real-world Impact.
Tap into 25+ years of elite cybersecurity expertise, backed by original discoveries, responsible disclosure, and cutting-edge solutions like 0patch.