About us

The future of application security testing is being created by our team!

Overview team and key results

Our group of companies has been on the market for more than 10 years and offers a range of professional services in the field of information security, as well as a number of innovative products. The history of our team is connected with practical research at the Faculty of Computer Science at MSU.
The results were presented at top conferences such as OWASP AppSec Europe, OWASP EU Summit, DefCon, BlackHat.
From the team, SolidLab company had emerged in 2011. Ever since SolidLab has been doing pentests and security assessments of the most complex applications and infrastructures.
The results of SolidLab's work have been repeatedly presented at practical conferences - Hack in the Box, Positive Hack Days, OffZone.
In 2014, we started a new product - an intelligent Web Application Firewall - SolidWall.
In 2024, the product will turn 10 years old - it is a really mature product with a lot of innovative solutions implemented under the hood.
If you want to get more information about SolidWall
In 2021, we started another cutting edge project - an intelligent application scanner SolidPoint. The innovative solutions implemented there were published in scientific articles, and presented at the WASP at ESORICS 2023 conference.
We continuously assess performance of our scanner in Bug Bounty programs. Indeed, if our tool is able to discover issues in applications that were already tested hundreds of times by security researchers all over the world, then we can emphsize its value.
Submission of valid security reports in Bug Bounty programs confirms the potential of our tool to uncover issues in most complex scenarios. Also, it clearly shows the disctinction of our tool from the existing ones, that have failed in uncovering issues reported by us.
Bug Bounty profiles:

Thanks received

Public programs that our team has engaged with, and thanks received

CVEs & advisories


WASP @ ESORICS 2023, Finding server-side endpoints with static analysis of client-side JavaScript
See more
Hack in the Box 2013, Amsterdam
See more
BlackHat EU 2013, Hybrid defense: how to protect yourself from polymorphic 0-days
See more
DefCon 2012, Demorpheus: Getting Rid Of Polymorphic Shellcodes In Your Network
See more
OWASP EU Summit 2009
See more
OWASP AppSec Europe 2008
See more

Start boosting your App Security testing today with us