Start a conversation.

If you have received a filing from us and need technical clarification, or if you are investigating a software vendor’s disclosure practices and need expert guidance, contact us directly.

We provide enforcement-ready evidence packages, expert testimony, and technical translation for regulatory proceedings. Initial consultations on whether a finding meets regulatory threshold carry no charge. We also operate a secure whistleblower intake channel that surfaces insider and researcher evidence directly to enforcement bodies.

If you have been ghosted by a vendor and need help escalating to the right enforcement body, we may be able to help.

We have documented and navigated the vendor response playbook across multiple engagements: the initial denial, the silent patch, the credit theft, the ghost. If you have a confirmed finding and no path to disclosure, initial consultation on whether the finding meets regulatory threshold carries no charge. You can also submit evidence directly through our whistleblower intake.

If you need to assess whether your infrastructure vendors are properly disclosing security vulnerabilities that affect your users, we can answer that question definitively.

Our Silent Patch Intelligence subscription delivers monthly reports for your ecosystem. Our per-engagement audits include complete silent patch archaeology: not just what is vulnerable now, but what was hidden, when, and who was left exposed.