VARTE GROUP
Information Security Services
Our Services
The company specializes in providing various Information Security(Cyber) Services of the highest quality, aimed at identifying business risks in the applications, networks, architectures, and processes.
RED TEAM EXERCISE
-
External and Internal
-
OSINT
-
Lateral movement
-
Privilege escalation
-
"Capture the Flag"
-
Vulnerabilities identification and safe exploits
-
Spear phishing
PENETRATION TESTING
-
Web applications
-
Thick clients
-
Mobile applications
-
External & Internal networks
-
Code Reviews
-
Rest\WS
-
Hardening advisory
-
Cloud
CONSULTING
-
Threat modeling and Secure Design
-
Protection Consulting
-
Regulations Compliance
CLOUD
-
Configuration review
-
RBAC review
SECURITY PROGRAMS
-
Vulnerability management
-
Secure SDLC process Implementation
About Us
An Information security boutique company providing thorough and comprehensive security
assessments, tailor-made per clients requirements.
The company was founded and operational since 2018.
The company’s Business Model is to employ High-End, experienced professionals on a project basis, best suited to their abilities, which essentially means the client is receiving services from the “Cream of the Crop” of Israeli market.
Each consultant employed by the company has at least 6 years of hands-on experience in various industries such as Military,
Financial, Hi-Tech, International corporations, etc.
Each project involves at least two consultants to achieve best possible results.
The company completed successful projects both locally and internationally.
World News
vulnerabilities and exploits
5/22/2026 Eduard Kovacs
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites.
The post Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure appeared first on SecurityWeek.
attacks and breaches
5/22/2026 BrianKrebs
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.
technology and tools
5/22/2026 Mirko Zorz
$20 per zero-day is already the WordPress plugin reality
Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipeline built in three days by researchers from TrendAI and CHT Security supplies an answer, along with a price tag that the security industry will have to reckon with. The system, presented at Ekoparty Miami, pairs AI-driven static analysis with automated Docker provisioning and dynamic verification through Chrome DevTools MCP. … More →
The post $20 per zero-day is already the WordPress plugin reality appeared first on Help Net Security.
