Security Assessments

Partner or compliance asking for a pentest?

Let us help you secure your company. We take the time to learn your software and utilize the rigorous OWASP Application Security Verification Standard.


Federacy combines automated scanning with small teams of talented security researchers. We focus on vulnerability chaining, business logic, authentication and authorization.

OWASP Application Security Verification Standard


  • Pentest PDF Report for compliance purposes
  • Prioritized reports available continuously with Federacy Security Inbox
  • Remediation advice and Slack/Keybase channel for real-time input
  • Free re-tests & fix validation
  • JIRA or Github Issues Import
Federacy vulnerability inbox

Top tier researchers

All Federacy researchers are hand-picked and pre-vetted. We have a diverse skill-set covering essentially every technology and framework including mobile applications, APIs, and platforms.

From academics to CISOs, full-time bug bounty hunters to professional pentesters, our researchers have studied or worked at institutions including: MIT, Carnegie Mellon, CERT, PricewaterhouseCoopers, Google and Twitter.