Security Innovation

Additional Info

Company size (employees)100 to 499
Headquarters RegionNorth America


Security Innovation is a leader in software security. For almost two decades, SI has helped global clients defend software applications and sensitive data from cyber-threats and attacks. We understand the challenges facing today’s enterprise, where reputation and customer trust are on the front lines. That’s why we continually work to discover and overcome the latest security threats with our Centers of Excellence, and integrate this knowledge into every training and assessment solution we deliver.
The software runs the modern world. We’ve been making the use of software safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud.

How we are different

* Our CMD+CTRL Cyber Range is the only authentic web application cyber range. The CMD+CTRL suite features 8 intentionally vulnerable applications and websites that tempt players to steal money, find out their boss’s salary, purchase costly items for free, and conduct other nefarious acts. Hundreds of vulnerabilities, common to most business applications, lay waiting to be exposed.
* To meet the demand for feature-rich solutions, tech stacks constantly evolve. To reduce the risk increased complexity brings, teams need to collectively get smarter, from coding to configuration. We offer the industry’s largest security library with over 200 courses, for those who build, operate, and defend software. Our micro-learning approach makes it a cinch to build target skills with turn-key but customizable learning paths.
* We hire only proven application security experts that have the right mix of skills: software engineering, knowledge of various technologies and application scenarios, and creative imagination. Each Security Innovation engineer is required to keep their skills honed; therefore, 10% of their time is allocated towards professional development and research in a specific field of application security. We conduct regular internal brown-bag presentations for information sharing about new technologies, techniques, attacks, etc. For structured training, engineers have direct access to our industry’s largest application security eLearning library. We do not double book our engineers on projects – ever. During an engagement, clients have the full attention of all assigned engineers as well as a project manager to deliver daily status for short engagements and a summary mail for longer ones.