As of February 2022, the team at Maven Security has joined Palindrome Technologies (https://www.palindrometech.com/) where we plan to continue providing web, mobile, and API security testing as well as deeper magic in the areas of hardware and IoT device testing (in our ISO/IEC 17025 accredited lab). There are also various other types of cyber security testing we can perform: Kubernetes and container security analysis, server configurations, source code review, protocol analysis, cloud security configuration analysis, HITRUST, etc.
Check out our new home at https://www.palindrometech.com/
Honor + Knowledge = Security™…since 2001
Maven Security Consulting Inc. is a vendor-independent security consulting firm that helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.
Services include ethical hacking; web application security testing; mobile application security testing; network security testing; cybersecurity training; expert testimony (civil and criminal); and architecture analysis, design, and security testing for Next Generation Networks (NGN), including VoIP.
Maven Security has a global client base across the US, Canada, Europe, Asia, and Australia. We help customers in many market sectors including SaaS providers, utilities, aerospace, government, banking, software, and recreation.
Maven Security is a privately held company established April 2001 and headquartered in Delaware, United States.
Maven Security Firsts
Maven has always had a commitment to giving back to the community, and that has lead to a number of “firsts” we are proud of.
Achilles
Status: Retired
Achilles was the first publicly released general-purpose web application security audit tool. While quite basic by today’s standards, it was transformative to have an easy to use, publicly available tool to intercept and modify web traffic.
WebMaven
Status: Retired
WebMaven was the first interactive web application that emulated various security holes. This was a useful tool for training and self-learning as a way to safely & legally practicing IT security audit techniques, as well as bench marking and vetting audit tools. It was adopted by the Open Web Application Security Project as OWASP WebGoat v1 in ~ 2002.
Web Security Dojo
Status: Active
Another industry first: An open-source self-contained training environment for web application security penetration testing. The Dojo contains everything needed to get started – tools, targets, and documentation, all preconfigured for ease of use. There are thousands of downloads of this project every month, and many people have used it to increase their knowledge of web security.