About MDSec

A global authority with
a passion for
information security.

We work with renowned organisations from the financial and government sectors.

This has helped establish our role in defining, formalising and expanding information security through publications, tools and worldwide training. As a vendor-neutral organisation with no external investment, we can draw on our team’s years of blended experience to provide security advice on technical and non-technical subjects.

Our unique approach ensures you to get the most out of our security services.

Personal, highly qualified consultants

Hand-picked for their expertise. As trainers to numerous internal teams and would-be competitors, we are uniquely positioned as the experts’ expert.

Documented & published methodologies

We encourage depth and breadth, whilst allowing the creativity and flair required to quickly engage with and understand complex systems.

Partnered with the UK Government

MDSec partners with the UK government’s technical authority CESG to offer security services to the UK government under the CHECK service.

What makes
MDSec different?



MDSec’s portfolio includes in excess of 250 regular clients, featuring some of the world’s most recognised brands in the financial services, retail and software verticals.


Professionals Trained

Our team have been running training for Big Four, FTSE/Blue chip and specialist penetration testing firms at conferences and closed-door venues


Books Sold

Well over 50,000 individuals world-wide use our Web Application and Mobile Application Hacker’s Handbook publications for professional assessments.



Our technical team is capable of performing a full spectrum of assessments from red team simulation to hardware assessment.

Leadership Team

MDSec are above all a technically led organisation with technical values imprinted throughout the business. We’re always ready to hear from curious, talented individuals who are hungry to learn and reach new heights of technical knowledge.

  • Director
    Dominic Chell

    Dominic is a published author and public speaker with over 15 years’ experience at the forefront of hands-on technical security and adversary simulation.

  • Director
    Marcus Pinto

    Marcus Pinto is the author of the Web Application Hacker’s Handbook, with over 17 years’ experience in technical security and penetration testing.


  • Government-regulated framework of controlled, bespoke, intelligence-led cyber security tests replicating threat actors, targeting systemically important financial institutions.

  • UK Government schemer by the National Cyber Security Centre (NCSC) under which approved companies can conduct authorised penetration tests of public sector and CNI systems and networks.

  • CREST framework to deliver controlled bespoke, intelligence-led cyber security testing. STAR incorporates advanced penetration testing and threat intelligence services to replicate cyber security threats to critical assets.

  • UK government information assurance scheme operated by the NCSC that encourages organisations to adopt good practice in information security through external technical audit.

  • ISO/IEC 27001 accredited management system bringing information security under management control.

  • ISO/IEC 9001 management system for quality management.

Press Centre

Ready to engage
with MDSec?

Copyright 2021 MDSec