Skip to main content
Est. 2006 · Mumbai · CERT-In Empanelled Since 2008

Making security consistent, not dependent on luck.

Security Brigade was founded in 2006 on a simple insight: the quality of a security assessment shouldn't depend on which tester walks through the door. We built a platform — and a process — to make sure it doesn't.

6,700+
Assessments Delivered
700+
Enterprise Clients
150+
Security Professionals
Since 2006
Founded · CERT-In 2008

As of Q1 2026 · CERT-In Empanelment ID on request

Recognised by Regulators, Industry Bodies, and Global Partners

CERT-In Empanelled
DSCI Empanelled

Our Approach

What we believe matters

Twenty years of audits across BFSI, government, fintech, healthcare, and SaaS shaped how we work. These four principles run through every engagement.

Security as Practice

Every engagement follows a structured methodology enforced by Lemon — our proprietary platform. The same quality regardless of who tests your app.

Technical Authority

Public research disclosures since 2008. CERT-In empanelled. Our findings drive remediation, not checkbox compliance.

Client Partnership

We measure success by client retention. Most clients have been with us for 5+ years, across multiple engagement types and growing scope.

Continuous Investment

B-52, Lemon, and ShadowMap are built in-house, not licensed. Every engagement feeds back into the platform, making the next one better.

Why We Exist

We started Security Brigade because testing quality was a coin flip.

In 2006 the Indian security-testing market was a handful of boutique consultancies and the testing arms of larger audit firms. The work was good or bad depending on who happened to walk into your office on day one. Two engagements with the same scope and the same fee could deliver wildly different reports.

We did not believe this was acceptable for an industry whose buyers — banks, insurers, governments — were increasingly responsible for systemic risk. So we built the firm around a thesis: quality has to be structural, not heroic.

Two years in, in 2008, that thesis put us on CERT-In's earliest empanelled list — and kept us there for 18 years and counting. Twelve years later, we built Lemon to make the structure explicit: a platform every engagement runs on. Today the same thesis runs through B-52 (AI-augmented coverage) and the L1/L2/L3 senior review chain that signs off every finding before it leaves us.

If you've worked with two security firms in the last 10 years and got two very different deliverables — that's the problem we built this firm to fix.

Industries Served

Twenty years across regulated industries

From RBI-mandated cyber audits for India's largest banks to global SaaS platforms preparing for SOC 2 and EU customer DPAs — depth across the verticals that matter.

BFSI
Fintech
Healthcare
Manufacturing
Government
Insurance
Retail
SaaS
Legal

Our Journey

Twenty years of building trust

2006

Founded

Security Brigade InfoSec Pvt Ltd established in Mumbai with a mission to make enterprise security consistent — not dependent on which tester walks through the door.

2008

CERT-In Empanelled

Among the earliest firms empanelled by India's national cybersecurity agency. Continuously empanelled since.

2008–2014

Media Recognition

Security research featured in Network World, ComputerWorld, CIO.com, Forbes India, CSOOnline, and TechWorld covering vulnerabilities responsibly disclosed to Amazon, Microsoft (MSN), Oracle, and more.

2014–2018

BFSI + Fintech Growth

Became the security testing partner for India's largest banks, payment platforms, and fintech unicorns. Expanded to 100+ specialists.

2020–2024

Platform + Global Expansion

Built Lemon audit platform, B-52 AI testing engine, and ShadowMap ASM. Expanded delivery to APAC, EMEA, and Americas through partners.

2026

Today

150+ security professionals, 700+ enterprise clients, 6,700+ assessments delivered across BFSI, fintech, healthcare, government, manufacturing, and SaaS.

Leadership

The team behind 6,700+ assessments

YK

Yash Kadakia

Founder & Chief Technology Officer

Founded Security Brigade in 2006 with the thesis that security assessment quality should be structural, not dependent on individual testers. 16+ years building platforms, teams, and methodologies that make enterprise security consistent.

LinkedIn
SG

Siddarth G

Practice Director — Cybersecurity

Leads Security Brigade's offensive security practice with deep expertise in vulnerability research, penetration testing, and red team operations. Ranked Top 80 globally on Bugcrowd.

LinkedIn
JP

Jamila Pittalwala

VP — Sales & Client Partnerships

Heads Security Brigade's sales operations across APAC and EU, connecting regulated enterprises with the right security assessment and compliance services. Brings deep consultative sales expertise in the cybersecurity domain.

LinkedIn
CJ

Chintan Joshi

CISO & Director — Security Advisory

Oversees Security Brigade's cybersecurity advisory practice, helping regulated enterprises meet RBI, SEBI, CERT-In, and IRDAI compliance mandates. Previously held senior security leadership roles across BFSI.

LinkedIn
AA

Abhinav Awasthi

Lead — VAPT & Security Assessments

Leads Security Brigade's VAPT delivery team, having progressed from Security Consultant to Team Lead. Has executed advanced penetration tests across BFSI, fintech, QSR, and telecom — including ICICI Bank, Domino's, and Jubilant FoodWorks.

LinkedIn
TD

Trupti Dangeti

Head — Finance & Operations

Manages financial operations and HR functions at Security Brigade, ensuring the firm's operational backbone supports its growing team and client base.

LinkedIn
RS

Richa Sunar

VP — Business Development

Drives business development and strategic partnerships at Security Brigade, expanding the firm's footprint across industry verticals and geographies.

LinkedIn
PK

Parnika Kelkar

Head — People & Culture

Senior HR generalist partnering with leadership to drive talent acquisition, policy design, compliance, and an engaging workplace culture at Security Brigade.

LinkedIn
AI

Abhed Indulkar

Lead — ShadowMap

Senior full-stack engineer and ShadowMap product lead. 5+ years building security platforms across Vue.js, Laravel, React, Python, Django, AWS, and Azure. Architects the technology that powers continuous attack surface monitoring.

LinkedIn
SD

Shalabh Devliyal

Lead — Managed Security Services

Security researcher and penetration tester passionate about making the internet safer. Active CTF player, bug bounty hunter, and hands-on practitioner across web, network, and application security.

LinkedIn

In the Press

Quoted and covered across global media

Security Brigade's research, threat intelligence, and commentary has been featured in leading publications worldwide — from vulnerability disclosures to sector-wide cyber threat analysis.

Forbes India
Why India Is Scrambling Over Claude Mythos

2026
Forbes India
India's Cyber Defence Faces Questions from Claude Mythos

2026
Financial Times
ISRO Was Alerted to Cyber Attack During Chandrayaan-2 Mission

2019
MediaNama
Data Localisation Won't Help With Cyber Security — Experts at Nullcon

2020
The Sun
North Korea Hacked Doomed Indian Moon Landing

2019
Politico EU
EU Parliament Says Sensitive Data of 1,200 Officials Left Exposed on Web

2019
Hindustan Times
Ex-defence Personnel Hit by Phishing Attack

2021

As covered by

Forbes India · Financial Times · Politico EU · The Sun · MediaNama · Hindustan Times · Business Standard · CIO.com · Times of India · NDTV · Livemint · Rediff · DataBreaches.net · SecurityWeek · FirstPost · Mashable India · VAR India · Daily Mirror

Team Certifications

Across our 150+ security professionals — offensive security, audit, and compliance.

CERT-In EmpanelledOSCPOSCECRTPCEHECPTCREST CRTAWS SecurityISO 27001 LACISACISM

Let's work together.

Whether you need a single assessment or a long-term security partner, our team is ready to help.

Talk to an Expert Join the Team