Your address will show here +12 34 56 78
About Custodela

Custodela was formed by a group senior security professionals that have been working in the industry as cyber security generalists and specialists since its infancy. We recognized that well rounded technically proficient security professionals with hands on practical experience are very difficult to obtain, so Custodela was created to fill that growing need. High level gap assessments are easy, but coming up with achievable recommendations and real-world solutions with practical processes to solve them are not. 

We have significant experience

Offensive Security – Red Teaming

We have hundreds of combined Network and Application Penetration Tests. We don’t just find common vulnerabilities, but conduct low level manual attacks, and drive to break application flow logic in creative ways that could never be achieved by automated tools.

Cyber Security Operations – Blue Teaming

Deployment and management of mature small to large Security Operations program and supporting technology, including logging, advanced focused monitoring, threat hunting, intrusion detection/prevention, and vulnerability analytics. We believe false positives can cripple a team’s effectiveness. We have significant success with custom developed and tuned Security Operations Automation techniques to monitor more with less people.

Application Security

We are developers. We’ve built Application Security programs from the ground up from a strong understanding of common code and logic flaws, how to find them, and the best way to inform and educate developers on how to fix them. We have significant success with custom developed Application Security Automation integration with both small and large agile development teams building over 100 unique applications in a single organization.

Architecture Reviews

We’ve conducted hundreds of complex architecture reviews on both legacy and modern complex application flows. We look outside of just the architecture, but also focus on how the applications are used. We have significant experience assisting organizations adhere to a wide number of contractual and industry requirements, including the PCI DSS.

Incident Response, Investigations, Threat Containment, and Forensics

Process development and real-world investigation experience.