Offensive Security:


Tactics, Techniques, and Procedures

Penetration Testing:


On-premises and Cloud Infrastructure




Red Team :


Tactics, Techniques and Procedures in Simulated/Emulated Attacks that put the entire organization to the test


Social Engineering :


From phone calls to physical intrusion



Application Security Testing:


Web, Mobile, APIs, Platform as a Service (PaaS) : DAST/SAST


PCI DSS compliance :


Pentesting from infrastructure to applications and PoS, Transactional Switches, Authorizers


Open-Sec : Security Breakers!

Image

Open-Sec is a company dedicated to providing offensive security tests for organizations that require the evaluation of the risk faced by the information assets they own and that are exposed through various forms of technology. Through the results of these tests, Open-Sec provides specific recommendations to eliminate or mitigate risks.

  • Regulations taken as a basis for these offensive security services correspond to: PCI DSS, SOX, SWIFT, Debit/Credit Card local regulations and methodologies like OSSTMM and OWASP Guides.

The proposed solutions are customer focused in order to maximize their investement in the security, reducing the risks and the time of securing your most important asset : data. These solutions follow three main criteria :

  • Make sure that technology guarantees the integrity, confidentiality and availability of information's organizations.
  • Simplify security management of thechnology in use ensuring its correct operation.
  • Speed up the hardening process in organizations by applying the suitable technology for constanstly evolving requirements.



Our Team

Image

[email protected]

Hernan Parodi

Hernán is our CEO and Senior Pentester (eWPT)/ Red Teamer. He is an expert breaking applications and infrastructure security. He has been part of the Open-Sec team since 2010.
For more information about Hernán’s experience, go and check his LinkedIn profile: Hernan Parodi

Image

[email protected]
oscar_mrdc

Oscar Martinez

Oscar is a Senior Pentester / Red Teamer, backed up with many certificates like: OSCP, eCPPT, WhiteHat Security Certified Secure Developer, eWPT, eMAPT and CISM. He is an expert breaking security of applications. He has been part of the Open-Sec team since 2012.
For more information about Oscar’s experience, go and check his LinkedIn profile: Oscar Martinez

Image

[email protected]

César Cuadra Pacheco

César is a Senior Pentester / Red Teamer, backed up with several certificates like: OSCP, eCPPT, eCPPTX, eWPTX, CISSP, C|EH and Security+. He is an expert breaking security of applications and industrial control systems and, also, the Technical Leader of Open-Sec Team.
He has been part of the Open-Sec team since 2008.
For more information about César’s experience, go and check his LinkedIn profile: César Cuadra

Image

[email protected]
@wcu35745

Walter Cuestas Agramonte

Walter is the OffSec Research Leader (OSCP, OSCE, WhiteHat Security Certified Secure Developer).
Also, he has been leading the Open-Sec pentesters/red teamers since 2006.
For more information about Walter’s experience, go and check his LinkedIn profile: Walter Cuestas

Image

[email protected]
@WilliamMarchand

William Marchand

William is a Senior Pentester (eJPT, C)PTE)/ Red Teamer in Open-Sec. He is an expert breaking infrastructure security. He has been part of the Open-Sec team since 2017.
For more information about William’s experience, go and check his LinkedIn profile: William Marchand

Image

[email protected]
@h3raklez

Felipe Gonzalez

Felipe performs is a Senior Pentester in Open-Sec, backed up by several certifications like: OSCE, OSCP and OSWP. He won international challenges like “Malware Analysis” from ESET (Ekoparty 2010) and “Hackers Challenge” from Radware (2018). He has been part of the Open-Sec team since 2017.
For more information about Felipe’s experience, go and check his LinkedIn profile: Felipe Gonzalez

Image

[email protected]
@gvallejoInfoSec

Gustavo Vallejo La Torre

Gustavo is the Consulting Services Manager in Open-Sec.
He is an expert in regulatory compliance processes of international standards and laws related to information security. He has been part of the Open-Sec team since 2006.
For more information about Gustavo’s experience, go and check his LinkedIn profile: Gustavo Vallejo



Our Clients

Our Clients

Our Services

Applying methodologies and techniques of security based on international standards:

  • ETHICAL HACKING (Vulnerability Analysis, Pentesting) on infrastructure and web services level (including modern applications as microservices):

    • On traditional data centers (on-premises)
    • On Infrastructure, Software and Platform as a Service (cloud).
    • On paid services (merchant, gateway, processor, transmitter, acquirer)

  • SECURITY TESTING OF APPLICATIONS (DAST / SAST) :client/server, web, mobile, web services, microservices.

  • SECURITY TESTING OF ATMs and PoS (including mPoS).

  • SECURITY TESTING OF TRANSACTIONAL SWITCHES AND AUTHORIZERS.

  • SOCIAL ENGINEERING AND PHYSICAL INTRUSION TESTS.

  • SECURITY TESTING OF DIGITAL TRANSFORMATION PROCESS (applying Agile methodologies based on DevSecOps).

  • OFFENSIVE SECURITY TRAINING (100% virtual).

  • RED TEAM EXERCISES.

Contact Us

OPEN SEC LLC

151 EXECUTIVE CIRCLE BOYNTON BEACH, FL 33436, US

For more information :



  • Talks

  • GitHub Repo