They’ve Never Been Happier to Get Hacked

We were very pleased with the pen test Fortbridge performed on Concrete CMS hosting and the application vulnerability test they did on the open source Concrete CMS. We chose Fortbridge to conduct the assessment this year because of their numerous HackerOne reports and remediation collaboration in the past year to selflessly improve the open source Concrete CMS. Despite a contract specifying UK working hours, Fortbridge went over and above and worked UK evenings in order to overlap with the Concrete CMS’ team’s PST hours. They communicated daily and the collaborative back and forth meant not only were we kept informed but we could guide the testing to ensure that no time was wasted. We were left confident that they were doing a thorough job. We appreciated no surprises in the initial report. Our team was deeply impressed that the brothers identified vulnerabilities which could only have been found by a deep analysis of the source code. A huge plus with choosing the boutique two brother Fortbridge team is that you are certain to get the firm’s pen testing experts. The knowledge they gain about your environment and products one year will lead to an even more efficient and thorough test in future years.


CISO PortlandLabs

We operate a popular website with optional subscriptions and a powerful API. Fortbridge has done an excellent job of scanning our systems for vulnerabilities and providing immediate feedback on which we could act quickly. We will use Fortbridge again.


CTO, Big data & service provider

Both Adrian and Bogdan are fantastic to work with and exceptional at what they do, in providing top notch security expertise, consultancy, and penetration testing. They provide high quality work and go above and beyond to identify critical vulnerabilities, and ensure risks are understood and mitigations clearly defined and validated. It is always a pleasure working with FORTBRIDGE and I look forward to continue doing so in the future.


Head of SecOps and Incident Reponse
Online retailer

Fortbridge is one of our prefered pen testing suppliers and has carried out pen tests for our various applications. The two consultants Adrian and Bogdan are both very knowledgeable on carrying out security assessments and carry them out with care and consideration to end user impact. The findings are of very high quality, and the narrative approach to finding descriptions help our internal test teams understand the methodology to finding vulnerabilities. Reports are delivered very quickly, and the prioritisation or criticality of the findings are of high quality and the recommendations are actionable and concise. I look forward to future engagements.


Principal App Sec Engineer, Property website

Bogdan and FORTBRIDGE demonstrated a high level of performance, becoming a major contributor into improving our security posture. His attention to details was key to helping teams remediate issues in a timely and satisfactory manner. Given the above, I would like to re-iterate that Bogdan Tiron and FORTBRIDGE was highly rated during his engagements and as a result I want to reiterate my confirmed recommendation.



It was a pleasure working with Bogdan. He is a very professional, honest and sociable person. He found high impact vulnerabilities and provided top quality reports to the development teams. He jumped on call with developers and made sure the critical vulnerabilities were fixed on spot and also held read-outs to developers and executives to make sure all findings are crisp clear. If top quality pentests and trainings is what you are looking for then Bogdan can definitely help you.


Product Security Leader
Banking Sector

Application Security London - OSCP Application Security London - Cloud AWS Application Security London - Cloud Azure Application Security London - Cloud GCP Application Security London - DevSecOps Application Security London - CREST