About Us
We’re a security company
Traditional security services
We offer the full range of traditional InfoSec services including security assurance, architecture reviews and vCISO.
Penetration testing and auditing
We perform full infrastructure and web application penetration testing, in both cloud and on-premise environments.
We’re a DevOps company
Any Cloud
We work with all major cloud platforms, allowing us to audit environments and build secure automation no matter which flavour you use.
Any Tool
We don’t just resell one vendor, we use the right tools to suit each client and we always ensure we build the simplest and most robust configuration.
We automate
We work with the leading automation orchestrators to eliminate repetitive tasks and promote robust processes.
We’re a DevSecOps company
We build security into automated pipelines
Todays application developers rely heavily on automation to rapidly implement fixes and features through delivery pipelines.
We enable our customers to build security gates into these pipelines, driving down risk at every step.
We understand the threat
We are experienced penetration testers and vulnerability researchers so we know a false positive from a real vulnerability.
We care
Community speakers
We regularly talk at major conferences such as DTX, @Hack and Blackhat
CTF contributors
We directly support CTF competitions like BSIDES to help inspire and train the next generation.
Partnerships
We use the right technology for each project, but maintain strategic partnerships to get the best for our customers.
Accreditations
At Punk Security we live and breath cybersecurity and thus achieved the following industry accreditations.

Cyber Essentials
Achieved:
13th September 2021

Cyber Essential Plus
Achieved:
25th October 2021

Armed Forces Covenant
Achieved:
4th October 2021

UK Cyber Security Council
Achieved:
7th January 2022

ISO 27001 & ISO 9001
Achieved:
28th March 2022