Projects & results
Finding 6 CVEs in open source libraries
A customer project led us into a rabbit hole finding multiple issues in third-party packages, resulting in critical vulnerabilities in our client's final product. Together with the DIVD we disclosed the findings to the open source communities, which resulted in fixes and 6 CVEs, found by our security experts Thomas Rinsma and Kevin Valk.
We're really happy that this directly contributes to our purpose: to make the digital world a safer place. For details on these vulnerabilities, see our vulnerability write-up "Dangerous assumptions" in our stories section.
Capptions is a software company that specializes in the development of EHS software. Their goal is to make safety compliance easier, faster, and more enjoyable for non-desk workers. We conducted a thorough code review for Capptions and sought feedback from their Founder & CTO, Ruben Stolk. He distilled his experience into three key takeaways:
"I appreciate your approach to work. The review environment makes it systematic without losing confidence that a real person is responsible for the work, not just AI."
"As someone who likes to delegate non-core business tasks, I appreciate the insights you provided into our software's security that I wouldn't have been able to obtain on my own."
"Throughout the entire process, I felt like you were in control and possessed the necessary expertise."