Client Work
Real Engagements, Real Impact
Because our work is NDA-bound, we can't name clients - but here's an honest look at the scale and impact of our engagements so far.
Illustrative Engagement Summaries
All client details below are anonymized. No client names, logos, or identifying information are shared without explicit permission.
Fintech Startup (India) - Cloud & Application VAPT
Engaged ahead of a funding round. Testing uncovered a critical privilege escalation path between staging and production cloud environments. The client remediated the finding within 48 hours, avoiding a potential compliance flag during due diligence.
Enterprise SaaS Provider (Global) - Application Security
Performed a full application penetration test ahead of a major enterprise customer's security review. Findings were resolved and retested within the audit deadline, helping close a contract contingent on passing that review.
Manufacturing Company (India) - Network VAPT & Implementation
An internal network penetration test revealed flat network segmentation exposing operational technology systems to the corporate network. HexGuard designed and helped implement segmentation controls, reducing the blast radius of a potential ransomware incident.
Healthcare Technology Company (Global) - Policy Creation
Helped build a first formal information security policy set ahead of an ISO 27001 certification effort, aligning existing informal practices with audit-ready documentation.
Power Distribution Company (India) - IoT Security Assessment
Performed an IoT security assessment of smart meter infrastructure for one of India's largest power distribution companies. Testing uncovered firmware and communication-protocol weaknesses that could have allowed meter tampering or billing manipulation at scale, remediated before wider rollout.
Large Conglomerate Corporate House (India) - Network Red Team
Ran a full red team engagement against the network infrastructure of a large conglomerate's corporate head office, simulating a real-world adversary across network and access vectors. The exercise validated detection and response gaps that shaped a year-long hardening roadmap.
Consumer Mobile App Provider (India) - End-to-End Mobile VAPT
Performed end-to-end penetration testing of a consumer-facing mobile application, covering the client app, backend APIs, and third-party integrations. Critical authentication and data-storage issues were identified and fixed ahead of a major release.
Enterprise IT Team (India) - Security Infrastructure & VPN
Designed and helped implement a secure on-premises VPN and supporting security infrastructure, replacing an ad hoc remote-access setup with segmented, monitored access for employees and vendors.
Technology Startup (Bengaluru) - Cloud Storage & Access Control
Helped a Bengaluru-based startup design secure cloud storage architecture and least-privilege access controls ahead of onboarding its first enterprise customers, closing gaps that could have exposed customer data across environments.