Proven Results.
Explore how we've helped leading tech firms clear procurement hurdles and scale with confidence.
Emirates Nuclear Energy Corporation: Cybersecurity Consulting for Critical Infrastructure
Needed to strengthen cybersecurity posture for critical nuclear energy infrastructure.
Alexander Sverdlov served as external security consultant, providing comprehensive cybersecurity consulting.
"Confidential engagement - nature of project cannot be disclosed publicly."
Management Financial Group: Enterprise Security Across 6 Countries
Large financial institution with 8000+ employees across 6 countries needed IT Security Audit and security leadership.
IT Security Audit and Virtual CISO services across the entire multi-country organization.
"Long-term client relationship providing enterprise-scale security consulting."
Pegb Technology: From Assessment to Full Security Program
Needed to establish cybersecurity posture for secure code creation, deployment, and infrastructure.
Information Security Assessment followed by 12-month CISO as a Service engagement, executing the Information Security Program Plan.
"Complete security culture transformation - infrastructure security, security awareness, and secure software development."
"Pentestas exceeded our expectations in the assessment and report. The whole team enjoyed working with Alexander towards achieving our security goals. We highly recommend their services to anyone who is serious about achieving their cybersecurity goals."
Nedyalka Yolovska
Managing Director, Pegb Technology FZE
Qordata: Ongoing Security Leadership for AI-Driven Compliance
Needed full information security program and ongoing security leadership.
Full IT Security Audit followed by 12-month vCISO engagement, still an active client.
"Comprehensive security posture improvement across End User Security, Cloud Security, with ongoing Security Awareness Training."
"Under your supervision we are making great progress & the most eye-catching part is that we are developing a secure culture which is helping each and every individual with respect to their personal and professional life."
Syed Haris Ahmed
Manager IT Infrastructure, Qordata
Edge: Multi-Framework Compliance for Healthcare
Needed trusted partners for information security and regulatory compliance.
IT Security Audit and ongoing vCISO service, aligning security posture with ISO 27001, SOC 2, and HIPAA.
"Meaningful impact on security maturity with clear, actionable strategies tailored to operational environment."
"Pentestas took a methodical and business-aware approach to identifying vulnerabilities, streamlining our compliance efforts, and aligning our security posture with ISO 27001, SOC 2, and HIPAA. Their professionalism, responsiveness, and strategic insight made a meaningful impact on our organization’s security maturity."
Ahmed Javed
CTO, Edge
GNE Advisory: Long-Term Security Leadership for Nuclear Energy Law
Boutique law firm handling sensitive nuclear energy matters needed comprehensive IT security and management.
Long-term engagement (2+ years) covering security awareness, endpoint hardening, password management, cloud protection, and secure remote access.
"Professional, reliable security leadership - available on urgent basis including outside regular hours."
"Alexander is professional, reliable and available. He is clearly an expert in his field. Building trust in cybersecurity and IT-related services is obviously essential and Alexander has constantly demonstrated that my trust is well-placed."
Helen Cook
Principal, GNE Advisory
Half Past Nine: Proving Security to Enterprise Clients
Clients demanded proof that the company is secure.
Protected all cloud services, computers, vital accounts, communication paths, and file storage. Audited processes, overhauled policies, restructured access controls, and set up hardware keys.
"Enterprise clients satisfied with security posture - proof of security provided. Compliant with strict vendor procedures in rapid timeframe."
"Alex runs an excellent shop. Not only did they help us get compliant with strict vendor procedures in a rapid timeframe, but they genuinely cared and invested in full security, not just compliance. We look forward to leveraging Alex’s skills and expertise as a long term partner for years to come."
Kenneth Shen
CEO, Half Past Nine
Mannesoft: NIST 800-53 Compliance and DevSecOps Transformation
Needed NIST 800-53 compliance and improved secure software development and DevSecOps practices.
Full IT Security Audit covering NIST 800-53 v5, Secure Software Development, and DevSecOps assessment.
"Complete transformation of cybersecurity practices, enabling more secure product development."
Rho Nutrition: End-to-End Ecommerce and Workforce Security
Fast-growing ecommerce brand needed to secure its entire digital footprint - from the online store and payment processing to employee collaboration tools and endpoints.
Comprehensive security engagement covering ecommerce platform hardening, payment flow security review, Microsoft 365 and Google Workspace lockdown, endpoint protection, MFA enforcement across all services, and security awareness training for the full team.
"All customer-facing and internal systems secured to enterprise standards. Ecommerce platform, payment processing, cloud collaboration, and employee devices all hardened within 6 weeks."
Provence Financial: Enterprise-Grade Security for a Small Company
Small company needing comprehensive cybersecurity in a short timeframe.
4-month engagement building 14 defense categories, security awareness training, endpoint hardening with 450+ security settings.
"Enterprise-grade security at small company scale - same quality as nuclear plants and government institutions."
NRBY: SaaS Security and SOC 2 Compliance Path
SaaS provider needed to improve software development practices, DevSecOps, and achieve SOC 2 and NIST 800-53 compliance.
Full security assessment of IT, software development, business practices, and cloud environments, covering NIST 800-53 v5, plus SOC 2 compliance path.
"Information Security Program Plan delivered, SOC 2 compliance path initiated."
Cosmonauts & Kings: Securing Cloud and On-Premises Infrastructure
Needed to ensure cloud data, databases, servers, backups, and desktops were secure.
In-depth security assessment of email, collaboration systems, cloud infrastructure, on-premises infrastructure, and software development practices, covering full NIST 800-53 v5 scope.
"Comprehensive security assessment with cloud security and DevSecOps best practices addressed."
Pridatect: 360-Degree Security Assessment for Legaltech
Needed full 360-degree view of defense posture.
Comprehensive security assessment and Information Security Program Plan.
"200+ page report with detailed technical guidance for 12 months ahead."
Peace | Crowell: Multi-Year Cybersecurity for International Law
Long-term security needs for international law practice.
Multi-year cybersecurity collaboration.
"Ongoing partnership - details confidential due to nature of business."
CypressAR: Securing Cloud Collaboration and Remote Workforce
Tech company with a distributed team needed to secure cloud collaboration platforms, communication tools, and employee endpoints across multiple locations.
Full assessment and hardening of Microsoft 365 environment, endpoint security policies, MFA deployment, and secure remote access configuration for the entire distributed workforce.
"Cloud collaboration and communication systems fully secured. All employee endpoints hardened with enterprise-grade policies."
FMS Global: Enterprise Communication and Endpoint Security
International professional services firm needed to secure employee communication channels, collaboration tools, and endpoint devices across global offices.
Comprehensive security engagement covering email security, cloud collaboration hardening, endpoint protection, access management, and security awareness training for all staff.
"Unified security posture across all global operations with hardened communication channels and protected endpoints."
GMF Capital: Financial Services Security and Compliance
Financial services firm needed to secure cloud infrastructure, collaboration platforms, and ensure regulatory compliance for sensitive financial data.
IT Security Audit covering cloud infrastructure, Microsoft 365 security, endpoint hardening, data protection controls, and compliance gap analysis.
"Security posture aligned with financial industry standards. Cloud and endpoint environments hardened across the organization."
Go Live UK: Securing Digital Operations for a Creative Agency
Creative agency handling client data and digital assets needed to secure their collaboration tools, cloud services, and employee devices.
Security assessment and hardening of cloud collaboration platforms, email security, endpoint protection, and access management. Security awareness training for the creative team.
"All client data handling and internal collaboration systems secured. Team equipped with security awareness best practices."