Security consulting · Pentesting
Penetration testing, advisory & triage.
Bug bounty consulting & triage, inside your program
Services
Services.
Application-security testing and advisory work, scoped and reported directly.
Penetration testing
Web, API, cloud, mobile.
One to three weeks. Manual testing, fixed price. Written report with every finding and a fix.
What's in scope →
Security advisory
Retained appsec.
Retained advisory for SaaS, fintech, and technical-founder teams. AppSec programme build, code review, threat modelling.
Retainer shape →
Bug bounty consulting
Scope, payout, platform.
Programme design, scope writing, and platform selection.
How I help →
Triage as a service
In-platform triage.
Duplicate detection, severity, reproduction. Runs inside your existing HackerOne, Bugcrowd, or Intigriti queue.
How triage works →
Custom engagement
Custom scope.
If it touches application security, vulnerability management, or incident response — open a conversation.
Start a conversation →
WordPress incident response
WordPress cleanup.
Flat $279 per site. Manual cleanup, entry vector identified, written report.
Cleanups by symptom →
What you get
The report.
Every engagement ends in a written report: findings, reproduction, impact, and remediation. Redacted sample on request under NDA.
Every report includes
- Title and severity, with CVSS where it applies
- Exact reproduction — the request, the curl, or the click-path
- Impact described in your business terms
- Remediation tied to your code — file, line, fix
- A re-test after your fixes ship, in the same document
Who runs this
Patrik Grobshäuser.
Security researcher. Previously HackerOne (Triage Manager EMEA), Recorded Future, Shopify, ERNW, Bugcrowd. Writes at IT-Securityguard since 2011.
Frequently asked
Common questions.
How do engagements start?
Open the intake form with what you know — scope, deadline, tech stack, audit context. You receive a written scope proposal with a fixed quote or a retainer shape, depending on the service.
Do you sign NDAs?
Yes. Your paper or mine — both work. Mutual NDA signed before the first scoping call if the conversation requires it. Standard MSA template available for retainer engagements.
What languages do you work in?
Engagements are run in English or German. Written reports in English; German on request for DACH compliance contexts.
Where are you based?
Germany, EU timezone. Engagements run remotely; calls are scheduled to fit your time zone.
Do you do WordPress only?
WordPress incident response is one offering. The pentest, bug bounty, triage, and advisory services apply to any web, API, cloud, or mobile target.
From the blog
What I'm reading and writing.
- Burst Statistics auth bypass (CVE-2026-8181): in the wild (2 min read)
  A 9.8 CVSS authentication bypass in the Burst Statistics plugin is being exploited. 200K+ sites affected. Here's a quick triage.
- Someone bought 30 WordPress plugins and backdoored all of them (2 min read)
  Plugin acquisition as an attack vector. If a plugin you trust changes hands and ships a 'security update' you didn't ask for, that's the pl…
- One million WordPress sites: file read + SQL injection (2 min read)
  Wordfence disclosed a vulnerability chain affecting more than a million WordPress installs. What it means for site owners — and how to tell…
Start an engagement.
Send the scope, stack, and timeline. You get a written proposal with a fixed quote.