Application and Cloud Security Experts

We provide security expertise on topics in which we have actual experience from the perspective of the customer.

  • Architecture Reviews

    Stratum leverages deep experience securely building, deploying, and operating large enterprise-grade applications in the cloud to ensure your application’s foundation is secure.

  • Application Testing

    Web applications have a complex and nuanced attack surface. As such, they require a custom approach by experienced professionals. Stratum consultants each have over 10 years of application security experience.

  • Created with Sketch.

    Code Review

    The Secure Source Code Review provides a 360º view into your application’s security posture. While dynamic application testing simulates a real-world attacker, examining an application’s source code can identify unseen risks.

  • Secure Code Training for Developers

    Stratum brings the attacker’s mindset to your development organization, providing your developers with an out-of-the-box approach to secure software development.

  • Amazon Web Services Security

    Stratum Security designed, deployed, and operated an enterprise SaaS that scaled to the demands of over 2,000 enterprise customers in AWS while satisfying the most demanding customer security requirements.

Case Studies

Decrease in the number of findings for each assessment, with some assessments resulting in no issues that need to be addressed prior to launch.

Read more

Stratum has been able to meet surges in testing needs while still delivering quality work products within SLA and based on GSK’s risk appetite.

Read more

Stratum’s agility in performing tests, often in windows where other vendors could barely get a proposal executed, and ability to push forward the overall mobile security program.

Read more

Our customers say

We are Stratum

An information security consulting company headquartered in the Washington DC Metro area, founded in 2005.

Stratum provides services to clients world wide. Our list of customers include large multi-national enterprises to small start-ups in numerous industries including finance, insurance, retail, hospitality, health care, government, technology, energy, and telecommunications.

Our Values

  • Created with Sketch.

    Listen

  • Over Communicate

  • Created with Sketch.

    Be Ego Free

  • Do What You Say

  • Improve Yourself

Stratum's goal is simple: Earn a customer's trust by being ridiculously easy to work with, do great work every single time, and know when to say no. We're a diverse group of security experts that advise customers on specific aspects of their information security program. To realize our goal Stratum has carefully grown our business, sought to make the right hires, and developed a core set of values for our employees that starts at the top.

Product development

First, we built ThreatSim, a highly scalable and popular phishing simulation platform. Now XFIL, a breach simulation platform. Developing secure applications and operating secure environments that meet our expectations gives us great insight into relevant customer challenges.


It is those areas where we we focus our consulting efforts as we better understand the trade-offs and limitations in the real world.

Our New Product

A Patented Data Exfiltration Tool

Simulate how attackers exfiltrate data from an organization’s network. XFIL simulates the actions an attacker takes the moment after the exploit and exercises your organization's entire security apparatus.

Test and Validate

Test and validate your network security controls such as firewalls, proxies, IDS/IPS, DLP, etc.

Emulate Cyber-Attacks

Emulate an attacker’s attempts to discover, gather, and exfiltrate sensitive data from your network.

Multiple Test Levels

Understand where things start to break. Begin with simple file transfers, then increase sophistication using non-standard ports and protocols, known C2 beaconing, and custom encryption.

Encryption Use

Perform tests using encryption, advanced tunneling and customizable data strings specific to your industry or environment.

Blind Spots Identification

Identify blind spots from the inside of your network out to the Internet.

Professional Services

XFIL can be leveraged in a variety of different deployment models and customized for your environment to target only those risks that you are most concerned with.

Work with us

Stratum was founded by technical security consultants. We have a very easy-going atmosphere, minimal corporate overhead, great co-workers, a highly technical environment, and dedication to keep it that way.

Above all else, you get to work with people that you like, who are just as dedicated to their work as you are, and who want you to succeed.

FAQ

Open positions

Application Security Consultant

Contact us

Thank you for your interest in our services.

For more information, please contact us at [email protected] or use the form below:

*
*
*
*
*
*
↻ Reload Captcha

12110 Sunset Hills Rd #600, Reston, VA 20190

Phone: 888-408-1337

[email protected]