About Us

The future of application security testing is being created by our team!

Overview team and key results

10+ Years

Our group of companies has been on the market for more than 10 years and offers a range of professional services in the field of information security, as well as a number of innovative products. The history of our team is connected with practical research at the Faculty of Computer Science at MSU.

The results were presented at top conferences such as OWASP AppSec Europe, OWASP EU Summit, DefCon, BlackHat.

Start Icon
2011

From the team, SolidLab company had emerged in 2011. Ever since SolidLab has been doing pentests and security assessments of the most complex applications and infrastructures.

The results of SolidLab's work have been repeatedly presented at practical conferences - Hack in the Box, Positive Hack Days, OffZone.

Start Icon
2014

In 2014, we started a new product - an intelligent Web Application Firewall - SolidWall.

In 2024, the product has turned 10 years old - it is a really mature product with a lot of innovative solutions implemented under the hood.

If you want to get more information about SolidWall Contact us
Start Icon
2021

In 2021, we started another cutting edge project - an intelligent application scanner SolidPoint. SolidPoint implements innovative techniques, with several of them published in scientific articles and presented at the WASP at ESORICS 2023 conference.

We continuously assess performance of our scanner in Bug Bounty programs. Indeed, if our tool is able to discover issues in applications that were already tested hundreds of times by security researchers all over the world, then we can emphsize its value.

Start Icon
Today

Submission of valid security reports in Bug Bounty programs confirms the potential of our tool to uncover issues in most complex scenarios. Also, it clearly shows the distinction of our tool from the existing ones, that have failed in uncovering issues reported by us.

Finish Icon

Thanks received

Public programs that our team has engaged with, and thanks received

Alibaba

Alibaba

Amazon

Amazon

Coursera

Coursera

IBM

IBM

Imgur

Imgur

Mail.ru

Mail.ru

PlayStation

PlayStation

QIWI

QIWI

Scopely

Scopely

TopCoder

TopCoder

Windstream

Windstream

Yelp

Yelp

CVEs & Security Discoveries

Our research has led to the discovery of critical vulnerabilities in widely-used software and platforms

20+
CVEs Published
Critical vulnerabilities discovered in major platforms
100+
Security Reports
Valid reports submitted through bug bounty programs
$50K+
Bug Bounty Rewards
Total rewards received for vulnerability discoveries

Apple

CVE-2025-24192 Details
Apple Advisory Support Article

Google Chrome

CVE-2023-5480 Details
CVE-2024-10229 Details
CVE-2025-4664 Details
Chrome Release Release Notes

VMware vCenter Server

Multiple CVEs VMSA-2021-0020
Additional CVEs VMSA-2022-0004

Jenkins

CVE-2019-1003029 Details
CVE-2019-1003030 Details
Security Advisory SECURITY-1336

FirebirdSQL

CVE-2017-6369 Details
GitHub Issue #5744

SheetJS Library

CVE-2023-30533 Details
Advisory SheetJS Advisory

TrueConf

CVE-2022-46763 Details
CVE-2022-46764 Details

Jaeger UI

CVE-2023-36656 Details
GitHub Advisory GHSA-vv24-rm95-q56r

OpenCart Plugin

CVE-2022-24108 Details
Advisory SecLists

WordPress Supsystic Plugin

CVE-2023-3186 Details
WPScan Vulnerability

Yii2 Gii Module

CVE-2022-34297 Details

MySQL2 for Node.js

CVE-2024-21507 Details
CVE-2024-21508 Details
CVE-2024-21509 Details
GitHub Advisory Security Advisories

Tough-Cookie Library

CVE-2023-26136 Details
Salesforce KB KB Article