CONSULTING SERVICES
DORA Compliance
End-To-End
Solution
Read more
OUR TESTING SERVICES
Penetration
Testing & Adversary
Simulation
Read more
CASE STUDY
Cybereason - Protecting your last line of defence
Read more
WHY SECFORCE
How to select a Penetration Testing Vendor
Read more

About us

SECFORCE is a cybersecurity consultancy, specialized in offensive security assessments offering both Consulting and Testing Assurance services.

Certified Excellence

Security is one of the biggest priorities for organisations today.

The threats are real, constant and ever-changing. This is no time to compromise your security.

That is why some of the world’s leading organisations trust Secforce to test their systems, upgrade their security programmes and comply with their regulations.

We are a team of exceptional security consultants, with the knowledge and insight to identify vulnerabilities and help you secure your systems.

Our Testing Services

Penetration Testing

The key to an effective penetration test is not simply to identify weaknesses; it is critical to explore these weaknesses to understand the real threat risk for any organisation.

Learn more

Adversary Simulation

The real value of a Targeted Attack Simulation stems from its adoption of the ‘assume breach’ mindset. This makes it possible to assess the effectiveness of an organisation’s s…

Learn more

Our Consulting Services

Penetration Testing Maturity

Penetration Testing Maturity

A holistic review of your testing programme aimed to understand its effectiveness and provide the advice and approach to maximise your results and enhance your security posture.

Learn more
DORA Compliance

DORA Compliance

An end-to-end solution providing the necessary consulting capabilities, our proven track record of technical expertise and partnerships to cover all the DORA requirements.

Learn more

Discover our uncompromising commitment to quality

About us

Case Studies

Cybereason, last line of defence
See all cases
How Nedbank mitigates cyber attacks
See all cases

The Lab

April 22, 2024

CVE-2023-26465 - Breaking Through XSS Filters in Pega Platform

Take a look at how we managed to break through XSS filters using Markdown-nesting and user mentioning functionalities in Pega Platform

See more
June 6, 2023

Size matters! When capital letters introduce vulnerabilities

Microsoft Dynamics 365 Rich Text Editor XSS

See more
Jan. 19, 2023

AWS Cognito pitfalls: Default settings attackers love (and you should know about)

Diving into some common, but sometimes overlooked, AWS Cognito misconfigurations.

See more

The Blog

July 7, 2025

16 Hours At DEF CON: An Insider View On Antivirus Bypassing

red teamer, Dimitri Di Cristofaro, and his fellow hacker, Giorgio Bernardinetti, are running a full 16-hour training course on advanced antivirus (AV) evasion and malware execution at DEF CON 33. We spoke to Dimitri about what participants can expect, and more.

See more
June 3, 2025

6 Things To Do After Receiving Pen Test Results

It’s not as simple as “just fixing things". This article is our advice on how to go from pen test results (and recommendations) to successful post-test remediation.

See more
April 24, 2025

Pen Testing Price List UK and EU Guide 2025

In this blog post, we give you a behind-the-scenes look at pen test pricing in 2025 and share an 11-point checklist for UK and EU pen test buyers.

See more