You must be logged in to sponsor kravietz
Become a sponsor to Paweł Krawczyk
Hello, I'm Paweł Krawczyk, an information security professional with 20+ years of experience, our information security consultancy and I do a broad range of application and infrastructure security services.
- Penetration testing of systems of any complexity, from a single-layered websites to multi-tier applications incorporating multi-tier web architectures and physical devices. We tested for major investments banks in the UK, electric grid operators, physical access controls management vendor and dozens of other companies globally.
- Threat modeling and security design including data flows, trust boundaries, qualitative and quantitative risk assessment and standardised catalogue of safeguards for use by our clients' architects. We use and contribute to major industry standards such as OWASP ASVS.
- Continuous vulnerability assessment of infrastructure and business applications. We have vast experience with designing and deploying DAST, SAST and IAST solutions directly into your Continuous Integration pipeline running along with functional testing. We work with all major CI/CD platforms including Jenkins, Buildbot, GitLab, Travis, BitBucket etc.
- Software security scanners consulting and evaluation allowing you to find the best DAST, SAST and IAST solution at the best price and ensuring it will be not only tightly integrated with your existing pipeline but also produce the best possible results for your development language and framework of choice. We have hands-on experience with products such as CheckMarx, Contrast, HP Fortify, RIPS, Nessus as well as broad range of open-source tools such as SpotBugs, Bandit, Brakeman and others.
- Protective monitoring solutions including network level probes (Snort, Suricata) as well as host-level log analysis and intrusion detection systems based on Wazuh (OSSEC) to which we frequently contribute. We deploy protective monitoring infrastructure to systems composed of thousands of servers in AWS cloud and on-premise environments, including data analysis (ELK), instant alerting (Slack, PagerDuty) as well as design of incident response procedures.
- Systems hardening and security control enforcement. We use and contribute to a number of industry standards such as InSpec and we support all major configuration management systems such as Ansible, Puppet and Salt, on Linux, FreeBSD and Solaris.
Contact details on https://krvtz.net/pages/contact.html
Featured work
-
kravietz/poppassd-ceti
POP3 password change daemon
C 4 -
dev-sec/ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
Jinja 4,073 -
kravietz/blacklist-scripts
Various IP blacklisting scripts for Linux and OpenWRT
Shell 119 -
kravietz/pam_tacplus
TACACS+ protocol client library and PAM module in C. This PAM module support authentication, authorization (account management) and accounting (session management)performed using TACACS+ protocol d…
C 132