A pen-testing company founded by pen-testers
The idea came to us while working on a long project in the Middle East. As self-confessed ‘nerds’ our conversations always came back to problems with the Pen-testing industry. As we talked, the same fundamental problems kept coming up; antiquated engagement processes, cumbersome scheduling, long waits for even longer reports, and above all, terrible value-for-money.
The model was broken.
So, with time on our hands, we plotted a way to fix it. We would cut out the costly overhead of the middleman and allow clients to work flexibly with experienced, quality-assured pen-testers who wouldn’t cost the earth . We knew that without the financial pressure to cram tests into a couple of days, clients and pen-testers could work together over a longer period to achieve a much deeper level of security.
We built the client interface, recruited freelancers we respected, pitched to our first client and haven't looked back...
Co-Founder & CEO
Dave has more than 10 years experience in the IT Security industry. Prior to this he held a variety of technical consultancy roles including software development and load & performance testing.
As a result, Dave has a unique understanding of many applications, languages, platforms and technologies which allows him to perform more thorough penetration tests.
Co-Founder & COO
Adam has a wealth of experience and expertise gained in over 15 years at all levels of the IT Security Assessment industry. He started out in the Ministry of Defence where he helped establish the MoD’s new Defensive Information Operations Branch.
In 2004 he was accredited as a CESG CHECK Team Leader - the UK's most highly-regarded qualification for a penetration tester and delivered over 300 CESG CHECK IT security health checks for private sector clients.
Co-Founder & Product development
Conor has worked in in IT-security for over ten years. His past experience includes working as a web application and network infrastructure penetration tester at McAfee and Portcullis.
He has held roles as an Incident Response analyst with Barclays, and as an IT security consultant and forensics analyst with Rits Information Security.
Tom has been working as a professional web developer for 9 years, with 3 of those spent in the IT Security industry.
He is an experienced developer having worked in both consultancy and development roles. His long term interest led him to the IT Security industry and he's not planning on leaving any time soon.
Gerard's background is in Marketing. He has worked in the Financial services, Media and the charity sectors. He has experience in creating engaging communications campaigns for corporate audiences.
He's passionate about creating practical tools that help business to change their behaviour.
We’re always looking for talented penetration testers to join our panel. So if you’ve got an industry standard qualification (CREST, TigerScheme, OSCP) and five years experience send a CV to: firstname.lastname@example.org.
ONSECURITY LLP - 2018
ONSECURITY LLP is a company registered in England and Wales. Registered number: OC394445
Registered office: 3rd Floor Scottish Mutual House 27-29 North Street, Hornchurch, Essex, RM11 1RS
WEBSITE USAGE TERMS
1. USE OF SITE
You may use the website and its content solely for your purposes and/or to learn about ONSECURITY LLP products and services. No right, title or interest in any content is transferred to you, whether as a result of downloading such content or otherwise. ONSECURITY LLP reserves complete title and full intellectual property rights in all content. You may not use, alter, copy, distribute, transmit, or derive another work from any content obtained from this website.
2. COPYRIGHT INFORMATION
The website and the content are protected by copyright laws, and belong to ONSECURITY LLP. The copyrights in the content are owned by ONSECURITY LLP or other copyright owners who have authorized their use on the website.
3. REGISTERED TRADEMARKS
You are prohibited from using any of the logos appearing throughout the website without permission from the trademark owner.
4. LINKS TO THIRD-PARTY WEB SITES
5. LINKING TO THIS SITE
If you would like to link to the website, we encourage you to do so. You may connect “deep links” to the Site pages in their own browser frame if you wish.
6. DOWNLOADING FILES
ONSECURITY LLP cannot and does not guarantee or warrant that files available for downloading through the website will be free of infection by software viruses or other harmful computer code, files or programs.
Any software available for download via the website is the copyrighted work of ONSECURITY LLP. Use of such software is governed by the terms of the end user license agreement that accompanies or is included with the software. Downloading, installing, and/or using any such software indicates your acceptance of the terms of the end user license agreement.
8. LIMITATION OF LIABILITY
In no event will ONSECURITY LLP be liable for any damages whatsoever, including, but not limited to any direct, incidental, consequential, special, exemplary or other indirect damages arising out of (i) the use of or inability to use the site or the content, (ii) any transaction conducted through or facilitated by the site; (iii) any claim attributable to errors, omissions, or other inaccuracies in the site and/or the content, (iv) unauthorized access to or alteration of your transmissions or data, or (v) any other matter relating to the site, the service.
WELCOME TO ONSECURITY LLP
1. INFORMATION WE COLLECT
When you interact with us through the Site, we may collect information from you, as further described below:
Information You Provide: We collect information from you when you voluntarily provide such information. Information we collect includes your full name and email address (provided via the ‘contact us’ form).
2. OTHER INFORMATION:
Data We Collect Automatically: When you interact with us through the Services, we may receive and store certain information such as an IP address, device ID, and your activities within the Services. We may store such information or such information may be included in databases owned and maintained by affiliates, agents or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of messages users have sent, as well as the sites which refer visitors to OnSecurity.
Aggregated Information: In an ongoing effort to better understand and serve the users of the Services, we may conduct research on our customer demographics, interests and behavior based on the information collected. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents and business partners. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
We use the following 3rd party tools/products to provide the site or analytics about how you use the site:
- Google Analytics
- Strikingly site hosting
3. WHERE INFORMATION IS PROCESSED
The Company is based in the United Kingdom. Your information is processed in the United Kingdom only and is not transferred outside the EEA unless requested by you.
4. OUR USE OF YOUR INFORMATION
5. OUR LEGAL BASES FOR HANDLING OF YOUR PERSONAL DATA
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds are as follows:
To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ request in anticipation of entering into a contract with them. For example, we handle personal data on this basis to create your account and provide our Services.
Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals: This includes:
Providing a safe and enjoyable user experience;
Marketing, e.g. sending emails or other communications to let you know about new features;
Protecting our users, personnel, and property;
Analyzing and improving our business, e.g. collecting information about how you use our Services to optimize the design and placement of certain features;
Processing job applications;
Managing legal issues.
Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations.
To protect the vital interests of the individual or others: For example, we may collect or share personal data to help resolve an urgent medical situation.
Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
6. OUR DISCLOSURE OF YOUR INFORMATION
The Company is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your information with certain third parties, as set forth below:
Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, bankruptcy, dissolution or similar event, your information may be part of the transferred assets.
Consent: We may transfer your information with your consent.
Developers: Developers using our SDK or API will have access to their end users’ information, including message content, message metadata, and voice metadata. Developers must use such information only to provide the SDK/API functionality within their applications and/or services.
Agents, Consultants and Related Third Parties: Like many businesses, we sometimes hire other companies or individuals to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments.
Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of the Company or Related Companies, (iii) protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.
Aggregated or Non-identifiable Data: We may also share aggregated or non-personally identifiable information with our partners or others for business purposes.
7. UNSOLICITED INFORMATION
You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.
8. LINKS TO OTHER WEB SITES
9. DATA RETENTION
We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.
We take reasonable steps to protect the information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any information via the Internet.
11. YOUR DATA RIGHTS AND CHOICES
We believe that users should be treated equally no matter where they are, and so we are making the following options to control your data available to all users, regardless of their location. You can also unsubscribe from certain emails by clicking the “unsubscribe” link they contain. You can opt out from certain cookie-related processing by following the instructions above in “Other Information.”
Under the Data Protection Act 1998 you have legal rights to obtain confirmation of whether we hold personal data about them, to access personal data we hold about them (including, in some cases, in portable form), and to obtain its correction, update, amendment or deletion in appropriate circumstances. You may also object to our uses or disclosures of personal data, to request a restriction on its processing, or withdraw any consent, though such actions typically will not have retroactive effect. This will not affect our ability to continue processing data in lawful ways.
How can I access the personal data you have about me?
To access a copy of the personal information we hold on you, contact us using any of the methods available on the ‘Contact Us’ page.
How do I correct, update, amend, or delete the personal data you have about me?
Similarly, contact us using any method in the ‘Contact Us’ page and we will assist you in updating or deleting your personal data.
How do I object or restrict the manner in which OnSecurity processes my personal data?
You have the right to opt out of all of our processing of your personal data for direct marketing purposes. You may also click the “unsubscribe” link in any of our marketing emails.The rights and options described above are subject to limitations and exceptions under applicable law. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.
13. CONTACTING US