Terraforming threat modelling
Bottom-up and top-down trailblazing with intent to create human-readable threat modelling examples. A work in progress.
Ty Myrddin
If you are looking for third-party independents for security research and analysis or for audits, pentesting, red teaming or colourful campaigning, you have come to the right place!
Who we are
We are a group of varying composition. Some are old hands, some want to learn pentesting/red teaming, others want to find new solutions to old problems or solutions to new problems. All believe in open security (instead of job security).
Our team can wholly or partly temporarily come on board your team or vv. It all depends on the type and purpose of the pentesting.
Things we are good at
- Surfing chaos
- Equality dancing
- Reading books and code
- Seeing (things) through (things)
- Demystifying issues
- Roadrunner close-runs
A few things we are doing
Snapping us some dark matter
Making attack trees from researching security issues to help us organise our thoughts. Another work in progress.
Creating shelf space
Gathering some possibly (re)useful resources online. If the web comes crashing down, we don't want these in our real libraries anyway.
Munching galaxies
As cosmic archaeologists, we are digging through the fossils of long-dead galaxies rather than human history, except that in our case humans still inhabit those galaxies.
Obliviousness blog
No problem can be solved from the same level of consciousness that created it. What if we consciously add actually being oblivious? We blog about strategising, cause and effect, blindspots and other learnings in various directions.
Preferred clients
- (W)HRD, Land, Nature and Earth rights defenders.
- Small NGO organisations which are working to protect freedoms as described in the ICCPR and/or digital privacy as described in the GDPR, or in these additional human rights articles.
- Small businesses, organisations and independents with a focus on autonomy enhancing products and services, for example on passing on permaculture practices or on supporting equally privileged, equipotent participants in collaborative goals.
Pricing
We set a not-for-profit price point for NGO’s, and for everybody else our price is negotiable and depends on state and purpose of client and our own personal (financial) states. In some cases where lives are at stake and people are already marginalised to the point of having no resources at all, for example in the case of land right defenders for whom there is no funding available, our service can even be for free (costs). And in all cases, if learning is required to provide a service, in no way does a client ever pay for such learning hours, only for the actual service.