• maven (noun):
  • a trusted expert who seeks to pass knowledge on to others

About Us

We are a small team of experts with over a decade of experience bringing security to the marketplace

Quick Links

News & Events

Spotlight

InformationWeek Logo

Maven Security was interviewed in late September 2014 by InformationWeek: 4 Penetration Testing Tips

CIO_Review_logo

Recognized As Leading Security Consultancy

Maven Security was recently named 20 Most Promising Enterprise Security Consulting Companies by CIO Review.

Community Involvement

Owasp Logo

Maven Security is proud to be able to give back to the community through corporate support and employee leadership involvement of the OWASP Triangle chapter and the OWASP Delaware chapter.

Honor + Knowledge = Security™

Maven Security Consulting Inc. is a vendor-independent security consulting firm that helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.

Services include ethical hacking; web application security testing; network security architecture reviews; training; expert testimony (civil and criminal); and architecture analysis, design, and security testing for Next Generation Networks (NGN), including VoIP.

Maven Security has a global client base across the US, Canada, Europe, Asia, and Australia. We help customers in many market sectors including utilities, aerospace, government, banking, insurance, software, and recreation.
Maven Security is a privately held company established April 2001 and headquartered in Delaware, United States.

Maven Firsts

Maven has always had a commitment to giving back to the community, and that has lead to a number of “firsts” we are proud of.

Achilles

Achilles was the first publicly released general-purpose web application security audit tool. While quite basic by today’s standards, it was transformative to have an easy to use, publicly available tool to intercept and modify web traffic.

WebMaven

WebMaven was the first interactive web application that emulated various security holes. This was an important tool for training and self-learning as a way to safely & legally practicing security audit techniques, as well as benchmarking and vetting audit tools. It was adopted by the Open Web Application Security Project as OWASP WebGoat v1.

Web Security Dojo

Another industry first: An open-source self-contained training environment for web application security penetration testing. The Dojo contains everything needed to get started – tools, targets, and documentation, all preconfigured for ease of use. There are thousands of downloads of this project every month, and many people have used it to increase their knowledge of web security.