About Us
With decades of experience behind Mantra Information Security, it is a great choice to cover your IT-Security related needs. We follow a unique approach that helps our clients to remediate their vulnerabilities and improve their security posture instead of following the traditional way, where a report is delivered without further aid. Our approach follows:
- All projects are considered unique.
- Full stack consultancy approach, end-to-end support.
- Client tailored services, to solve specific issues the best possible way.
Mantra thrives on research where the newest techniques are invented and applied in our daily routines. Old problems are solved by trusted solutions, new issues are mitigated by our bleeding-edge research in no time, and bottlenecks turned into seamless processes.
The Founder of Mantra
Mantra Information Security was founded by Balazs Bucsay in 2023. As a distinguished expert in IT-Security, he has delivered over 20 technical presentations at various international conferences, including notable events in London, Singapore, Budapest, and Melbourne.
With more than 20 years of experience in the field, supported by degrees in Computer Science and Mathematics, Balazs has conducted extensive research across diverse technologies. His latest venture, Mantra, aims to provide high-quality security solutions tailored to meet client needs.
Services
Check our Services
Full Stack Security Consultancy
From begining to end, full-scale consultancy. We aim to understand the issues, propose solutions to them and help implement them.
Penetration Testing
Various types of assessments where the goal is to find the most vulnerabilities in a system in a limited timeframe.
Vulnerability Assessment
Automated tools and techniques used to find publicly known vulnerabilities in systems. False-positives are eliminated manually.
Reverse Engineering
Recovering vulnerabilities, Intellectual Property or proprietary technology from compiled applications. Binary files and executables are disassembled and decompiled. The outputs are manually analysed.
Source Code Review
Source code review from security a point of view to improve coding practices and discover vulnerabilities. Identifying bugs and bad practices that need to be eliminated.
Cloud Configuration Review
Complex configuration reviews in the cloud to improve the security posture of the environment.
Threat Modelling
High level overview of a system to protect against practical and hypothetical attack vectors that might arise during implementation. Proactively defending against the issues of the future.
Training Delivery
Training is provided on various topics in the realm of Information Security, ranging from high-level to low-level subjects. Our courses include Security Awareness Training for your staff, as well as Malware Analysis and Software Reverse Engineering (SRE) to develop new skills.
More information can be found under: Software Reverse Engineering (SRE) Training
Penetration Testing
Types of Penetration Testing
Infrastructure Assessment
In internal or external infrastructure tests, services are identified and exploited to gain access to the servers. In contrast to the vulnerability scanning, this is done manually to provide the most value.
Web Application and API Testing
Web based applications and APIs are tested manually and with automated tools to identify vulnerabilities that can be fixed in the remediation phase.
Mobile Application Assessment
The security posture of mobile applications is assessed to provide an accurate summary. This includes the application itself and its backend's security as well.
Wireless Assessment
The wireless network's security is reviewed to understand the associated risks. Both encryption and authentication related protocols are checked, also the device and client configuration are also reviewed.
IoT/Embedded Device Review
Internet of Things and embedded devices are reviewed from every perspectives to find vulnerabilities that might be exploitable by attackers, which can affect device manufacturer or the end-user.
PCI DSS Penetration Testing
To comply with PCI DSS requirements, we can conduct the required penetration testing and help mitigate the identified vulnerabilities.Subcontracting
Let us ease your workload
Highly skilled professionals
Our consultants could pick up where others have left off with minimal onboarding
Following demand
We can help you balance your demand, you can contract us for as long as you need
Staff augmentation
We can cover for specific roles in your company, while you find your perfect permanent candidate
Contact
Contact Us