Federacy
Federacy is a B2B company based in San Francisco, CA, offering specialized penetration testing and bug bounty platform services, primarily serving the engineering, product, and design sectors.
Overview of Federacy
Federacy is a company specializing in penetration testing and bug bounty platform services. With its main location in San Francisco, CA, USA, the company operates with a team size of 2 and provides remote services as well. Federacy is part of the B2B industry, focusing particularly on engineering, product, and design sectors. It participated in the Y Combinator S18 batch and serves regions including the United States, Canada, and other fully remote locations.
Penetration Testing Services
Federacy offers comprehensive penetration testing services using cutting-edge research techniques. These services cover SOC2 compliance requirements and vendor security assessments across web and mobile applications, APIs, and external network infrastructure. The methodology employed involves over 100 hours of manual testing and more than 200 individual tests and security checks. Federacy's approach incorporates key industry specifications such as OWASP ASVS, the OWASP Testing Guide, NIST SP 800-53A, and OSSTMM Web Application Methodology.
Certified Security Researchers
Federacy's security research team includes professionals who have affiliations with reputable institutions like MIT, Carnegie Mellon, CERT, Google, Twitter, and PricewaterhouseCoopers. These experts hold advanced certifications such as OSCP, OSCE, CISSP, CREST, and CEH. The team's focus areas include vulnerability chaining, business logic, authentication, and authorization, ensuring a thorough and detailed examination of potential security risks.
On-Demand Cybersecurity Guidance
Federacy provides on-demand, CISO-like guidance as part of its service offerings. This includes outsourced CISO-like support available through Slack, which helps clients with architectural and security tooling decisions, dependency risk assessment, and vulnerability remediation. Federacy also offers on-demand penetration test reports for auditor, partner, or customer security requests, and its pentests satisfy compliance requirements for SOC2, ISO 27001, and HIPAA.
Pricing and Engagement Model
Federacy offers modern penetration testing services for startups, with pricing starting at $9,500 USD. The company's engagement model includes year-round support, providing continuous guidance and security assessments tailored to meet various compliance and security standards. This model aims to ensure that clients receive consistent, high-quality security oversight and support.