Security services for web-applications

We offer penetration testing for web-applications and security engineering as a service for Rails teams.

Services

But Rails is secure, why would I even need this?

Although Rails has reasonable defaults for security, that doesn't make it a secure framework because there is no such thing. Any framework can be used in an insecure manner, and we are humans; humans make mistakes, make wrong assumptions, which can lead to security flaws.

Shopify is one of the biggest companies using Rails, and I am sure you would agree with me that they hire great engineers, but still, as of this writing, there are more than 1400 reports resolved by them on HackerOne, and they paid out more than 2 million dollars in bounties.

There is also GitHub, another large company using Rails, and they resolved close to 1200 reports and paid out over 3 million dollars in bounties.

These examples show that even the best engineers and teams make mistakes, and having a penetration test helps to uncover those mistakes before a malicious actor exploits them.

Why should you hire me?

I am an OSCP-certified penetration tester with a lot of experience finding security flaws in Rails applications.

A few public security issues I found and reported:

Testimonials

“I worked with Greg to go through all my sites and apps and make sure they are safe. I love being a scriptkiddie hacking together and shipping fast but security is nothing to be fast about because you hold user's data and have to keep that safe. Having Greg pentest everything, audit my code and follow his recommendations helps me sleep a bit better at night.”

Pieter Levels

“When I was planning on making Keygen open source, getting a penetration test and security audit was a major prerequisite. I knew Greg was a great choice, with his deep understanding of Ruby and of Rails. Greg completed the security audit according to schedule, and with his help and recommendations, I was able to successfully patch the issues he found. When it comes to security, I highly recommend Greg and Spektr.”

Zeke Gabrielse
Founder of Keygen

“Tens of thousands of students and many universities rely on our software each semester to provide course content, assessments and grades. It is critical that we provide a service that is secure and reliable to each stakeholder involved. For a small team without specific security expertise, we knew (and were strongly encouraged by our partners) we needed to get a reliable security audit and penetration test to make sure all of our systems were as secure as possible. Greg's expertise was evident from our first meeting. He meticulously audited our systems, identifying vulnerabilities with precision. His insightful recommendations were invaluable, allowing us to fortify our digital infrastructure effectively. Greg's thorough approach to security has not only enhanced our systems but also given me and all of our partners a peace of mind. For anyone seeking top-notch security solutions, I wholeheartedly recommend Greg and Spektr.”

Jess Brown
Co-Owner, CSePub.com

What is a penetration test?

During a penetration test I am looking for vulnerabilities on a target. The target can be a network with various services available, a web-application together with its hosting infrastructure, or just a web-application on its own.

A typical web-application engagement has the following steps:

  • You get in touch and we do a scoping process to determine how much time I need to test the application. The process involves you answering a list of questions.
  • You receive a quote.
  • Upon acceptance of the quote, we schedule a meeting to demo the application and answer some questions to help me with reconnaissance. Typically we schedule the date for the test at this point.
  • I complete the test. This is not running bundle audit and brakeman on your codebase. It usually requires 5 days to test a regular-sized web-application. During the test, I go over the functionality of the application with my interception proxy and I try to find vulnerabilities and security weaknesses in the application. In Rails applications the most common vulnerability is a direct object reference due to the lack of proper authorization.
  • You receive the report and we can discuss any points that need explanation.
  • Your team fixes the findings, and we schedule a re-test.
  • After the re-test, you receive the Letter of Attestation.
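The "direct object reference due to the lack of proper authorization" mentioned in the test step above is worth seeing in code. The following is an added example, not code from the original page or from Spektr: a plain-Ruby stand-in for an ActiveRecord model (the Invoice struct, the INVOICES data and the helper names are all constructed for the illustration) showing the vulnerable `Invoice.find(params[:id])` pattern next to the association-scoped lookup that fixes it, plus a small check of the kind an authorization test would run to confirm no foreign records are readable.

```ruby
# Added example (not from the original page). Plain Ruby with an in-memory
# store standing in for ActiveRecord; model and helper names are assumptions.

Invoice = Struct.new(:id, :owner_id, :amount)

class NotFound < StandardError; end

# Constructed sample data: user 100 owns invoices 1 and 2, user 200 owns 3.
INVOICES = [
  Invoice.new(1, 100, 50),
  Invoice.new(2, 100, 75),
  Invoice.new(3, 200, 20),
].freeze

# Stand-in for Invoice.find(id): primary-key lookup, ownership is ignored.
def find_invoice(id)
  INVOICES.find { |inv| inv.id == id } || raise(NotFound)
end

# Stand-in for current_user.invoices.find(id): the lookup is scoped to the
# owner, so a record belonging to someone else behaves as if it did not exist.
def find_owned_invoice(user_id, id)
  INVOICES.find { |inv| inv.id == id && inv.owner_id == user_id } || raise(NotFound)
end

# Vulnerable controller action, equivalent to:
#   def show
#     @invoice = Invoice.find(params[:id])
#   end
# Any authenticated user can read any invoice by changing the id.
def show_vulnerable(_current_user_id, params)
  find_invoice(Integer(params[:id]))
end

# Hardened action, equivalent to:
#   def show
#     @invoice = current_user.invoices.find(params[:id])
#   end
# Authorization is enforced by scoping the query through the association.
def show_hardened(current_user_id, params)
  find_owned_invoice(current_user_id, Integer(params[:id]))
end

# Authorization check: returns the ids of invoices that user_id can read through
# the given action even though it does not own them. An empty result is what a
# fixed application should produce.
def foreign_records_readable(action, user_id)
  INVOICES.map(&:id).select do |id|
    begin
      inv = action.call(user_id, { id: id.to_s })
      inv.owner_id != user_id
    rescue NotFound
      false
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "vulnerable leaks: #{foreign_records_readable(method(:show_vulnerable), 100).inspect}"
  puts "hardened leaks:   #{foreign_records_readable(method(:show_hardened), 100).inspect}"
end
```

Scoping through the association (or an equivalent policy check) is the fix; raising the same not-found error for foreign records as for missing ones also avoids confirming that the other record exists.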

A penetration test can have different types:

Black-box
The consultant doesn't get any information about the system, just the domains/IP addresses for the assignment. This mimics what a real attacker would start with, but it requires a bigger time investment to carry out a test.
Gray-box
The consultant is provided with all the information he needs about the target. Technologies used, network layout, how certain features work, etc.
This shortens the duration of the test and gets you the best results for your money.
White-box
Similar to gray-box testing, but the application's source code is also provided to the consultant.

I want to book one

What does Security Engineering include?

If you subscribe to the Security Engineering service, you will have access to me for any security-related problem or question. You will have a dedicated project in Basecamp, where you can create tasks for me. I handle those tasks within 2 working days.
Example tasks:

  • We are developing a new feature which has a security aspect, can you review our implementation plan and give us feedback?
  • Can you review this pull request from a security perspective?
  • Can you fill out this vendor security questionnaire we received from a prospective client?
  • Can you vet our vulnerability reports?
  • Can you review our CI/CD setup from a security perspective?
  • We are becoming ISO 27001 Compliant and we are not sure how to solve this requirement. Can you advise us?

I only process a single task at a time, so I will usually be able to complete 2 tasks a week for you.

I want to subscribe

Services

Penetration test

Whether you need a penetration test for compliance or just want to verify the security of your application, we can help.

  • A manual penetration test of a web application
  • Covers compliance requirements
  • Free re-test included
  • You receive a report with the findings and recommended mitigations
  • You receive a Letter of Attestation to present to auditors or customers
Schedule a call


Security Engineering

$990 / month

If you want me to be available for you for security engineering.

  • I provide security-related guidance for your engineering team during the design or development of features
  • I review pull requests from a security perspective
  • If you have a bug bounty program, I review and filter the reports
  • I help to improve processes with security in mind, setting up tooling for SAST, dependency monitoring, etc.
Order

Schedule a call

Unsure how I can help you?

If none of the above would be a fit for you, or just want to have a chat about your security challenges, reach out to me and we can discuss how I can help.