About Us
With decades of experience behind Mantra Information Security, it is a great choice to cover your IT-Security related needs. We follow a unique approach that helps our clients to remediate their vulnerabilities and improve their security posture instead of following the traditional way, where a report is delivered without further aid. Our approach follows:
- All projects are considered unique.
- Full stack consultancy approach, end-to-end support.
- Client tailored services, to solve specific issues the best possible way.
Mantra thrives on research where the newest techniques are invented and applied in our daily routines. Old problems are solved by trusted solutions, new issues are mitigated by our bleeding-edge research in no time, and bottlenecks turned into seamless processes.
The Founder of Mantra
Mantra Information Security was founded by Balazs Bucsay in 2023. As a distinguished expert in IT-Security, he has delivered over 20 technical presentations at various international conferences, including notable events in London, Singapore, Budapest, and Melbourne.
With more than 20 years of experience in the field, supported by degrees in Computer Science and Mathematics, Balazs has conducted extensive research across diverse technologies. His latest venture, Mantra, aims to provide high-quality security solutions tailored to meet client needs.
Services
Check our Services
Full Stack Security Consultancy
From beginning to end, we offer full-stack consultancy, guiding you through every step of the process. We take the time to deeply understand your challenges, develop tailored solutions and work alongside you to ensure their seamless and effective implementation.
Artificial Intelligence
We provide comprehensive AI security testing, focusing on the OWASP LLM Top 10 including prompt injection, data leakage and inadequate sandboxing. Our approach identifies vulnerabilities, tests model robustness and ensures effective mitigation strategies to protect AI systems from emerging threats. From assessment to implementation, we help secure your LLM applications against adversarial attacks and exploitation.
Web Applications
In-depth security assessments for web applications and APIs, identifying vulnerabilities beyond the OWASP Top 10, including business logic flaws, authentication bypasses and complex authorization issues. Our testing goes beyond automated scans, uncovering logic-based attacks, race conditions and privilege escalation risks to help strengthen your application’s security against real-world threats.
Cloud
Cloud security assessments across Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and other platforms, ensuring a robust and secure configuration. Every service, from identity management to storage and networking is thoroughly reviewed to detect misconfigurations, privilege escalation risks and compliance gaps. The result is a hardened cloud environment with best-practice security controls, minimising attack surfaces and protecting critical assets.
Network
Deep-dive security assessments at the network level, covering both internal and external infrastructure. Exposed services are analyzed for exploitable vulnerabilities through thorough manual testing, not just automated scans. From misconfigurations to privilege escalation paths, every weakness is identified and validated to provide a clear picture of real-world attack scenarios and actionable remediation strategies.
Mobile
Comprehensive security assessments for mobile applications on Android and iOS platforms. Each app is manually tested for vulnerabilities including insecure data storage, improper authentication, code injection risks and weak encryption. With a focus on real-world attack vectors, we ensure that mobile apps are secure against unauthorised access, data breaches and other security threats, providing a robust defense for your users.
IoT / Embedded
Thorough security assessments for IoT and embedded devices, focusing on reverse engineering, backdoor detection, cryptographic weaknesses and other vulnerabilities. We manually test for firmware flaws ensuring that your devices are resilient against exploitation and data breaches, with a focus on strengthening security from the ground up.
Source
Source code review from a security perspective to enhance coding practices and identify vulnerabilities. We examine the code for issues like insecure data handling, authentication flaws, and cryptographic weaknesses. By spotting bugs and poor practices, we help eliminate security risks and ensure your application follows strong, secure coding standards.
Reverse Engineering
Uncovering vulnerabilities and extracting Intellectual Property or proprietary technology from compiled applications. Binary files and executables are disassembled and decompiled, with the outputs undergoing detailed manual analysis. This process reveals hidden risks, exposes unauthorised access points, and provides insights into potential security flaws, ensuring robust protection of your digital assets.
Training Delivery
Training is offered across a wide range of Information Security topics, tailored to various expertise levels. Our courses include Security Awareness Training for employees, Ransomware Detection Training for system operators and administrators, as well as Software Reverse Engineering (SRE) to help develop advanced technical skills. These programs are designed to equip your team with the knowledge and tools to effectively tackle security challenges.
More information about our SRE training can be found under: Software Reverse Engineering (SRE) Training
Subcontracting
Let us ease your workload
Highly skilled professionals
Our consultants could pick up where others have left off with minimal onboarding
Following demand
We can help you balance your demand, you can contract us for as long as you need
Staff augmentation
We can cover for specific roles in your company, while you find your perfect permanent candidate
Contact
Contact Us