Swedish innovation hub specializing in creating immersive and precise game experiences alongside expert cybersecurity consulting and solutions.
At Hack23 AB, we believe that true security comes through transparency and demonstrable practices. Our Information Security Management System (ISMS) is publicly available, showcasing our commitment to security excellence and organizational transparency.
Our approach to cybersecurity consulting is built on a foundation of transparent practices:
- 🔍 Open Documentation: Complete ISMS framework available for review
- 📋 Policy Transparency: Detailed security policies and procedures publicly accessible
- 🎯 Demonstrable Expertise: Our own security implementation serves as a live demonstration
- 🔄 Continuous Improvement: Public documentation enables community feedback and enhancement
"Our commitment to transparency extends to our security practices - demonstrating that true security comes from robust processes, continuous improvement, and a culture where security considerations are integrated into every business decision."
— James Pether Sörling, CEO/Founder
|   | Realistic 2D precision combat simulator inspired by traditional Korean martial arts, focusing on precise anatomical targeting, authentic combat techniques, and detailed physics-based interactions. | 
|   | Political transparency platform monitoring Swedish political activity with data-driven insights, analytics, dashboard visualizations, and accountability metrics. | 
|  | Enterprise-grade multi-region active/active architecture with near-zero recovery time, comprehensive DNS failover, and AWS Resilience Hub policy compliance for mission-critical applications. | 
|  | SonarQube plugin for analyzing AWS CloudFormation templates with security best practices based on NIST, CWE, and ISO standards. | 
Professional cybersecurity consulting services delivered remotely or in-person in Gothenburg. Drawing from over three decades of experience in software development and security architecture, we deliver practical security solutions that integrate seamlessly into your development processes without hindering innovation.
| 🌐 Availability | Remote or in-person (Gothenburg) | 
| 💰 Pricing | Contact for pricing | 
| 🏢 Company | Hack23 AB (Org.nr 5595347807) | 
| 📧 Contact | 
| Area | Services | Ideal for | 
|---|---|---|
| 🏗️ Security Architecture & Strategy | Enterprise Security Architecture: Design and implementation of comprehensive security frameworks; Risk Assessment & Management: Systematic identification and mitigation of security risks; Security Strategy Development: Alignment of security initiatives with business objectives; Governance Framework Design: Policy development and security awareness programs | Organizations needing strategic security leadership and architectural guidance |
| ☁️ Cloud Security & DevSecOps | Secure Cloud Solutions: AWS security assessment and architecture (Advanced level); DevSecOps Integration: Security seamlessly integrated into agile development processes; Infrastructure as Code Security: Secure CloudFormation, Terraform implementations; Container & Serverless Security: Modern application security best practices | Development teams transitioning to cloud-native architectures with security focus |
| 🔧 Secure Development & Code Quality | Secure SDLC Implementation: Building security into development lifecycles; CI/CD Security Integration: Automated security testing and validation; Code Quality & Security Analysis: Static analysis, vulnerability scanning; Supply Chain Security: SLSA Level 3 compliance, SBOM implementation | Development teams seeking to embed security without slowing innovation |
| Category | Services | Value | 
|---|---|---|
| 📋 Compliance & Regulatory | Regulatory Compliance: GDPR, NIS2, ISO 27001 implementation; ISMS Design & Implementation: Information Security Management Systems; AI Governance: Emerging AI risk management frameworks; Audit Preparation: Documentation and evidence preparation | Navigate complex regulatory landscapes with confidence |
| 🌐 Open Source Security | Open Source Program Office: OSPO establishment and management; Vulnerability Management: Open source risk assessment and remediation; Security Tool Development: Custom security solutions and automation; Community Engagement: Open source security best practices | Leverage open source securely while contributing to security transparency |
| 🎓 Security Culture & Training | Security Awareness Programs: Building organization-wide security culture; Developer Security Training: Secure coding practices and methodologies; Leadership Security Briefings: Executive-level security understanding; Incident Response Training: Preparedness and response capability building | Transform security from barrier to enabler through education and culture |
Three decades of hands-on experience in software development and security architecture means we understand the real challenges development teams face. We don't just point out problems—we provide practical, implementable solutions that enhance security without slowing down innovation.
Our approach: Security should be seamlessly integrated into your existing processes, not bolted on afterward. We help organizations build a culture of security awareness where protection becomes a natural part of how teams work, not an obstacle to overcome.
Passionate about transparency: As advocates for open source security, we believe in sharing knowledge and building community. Our solutions are designed to be understandable, maintainable, and aligned with industry best practices.
```mermaid
mindmap
  root((🔐 CIA Triad<br>Security Focus))
    🔒 Confidentiality
      🏷️ Data Classification
        🌐 Public
        🛡️ Restricted
        🗝️ Confidential
        🔒 Secret
      🚪 Access Control
        👥 RBAC Implementation
        🔑 MFA Integration
        📉 Least Privilege
      🔑 Encryption
        🧬 AES-256
        🧿 Quantum-Safe Encryption
        🗝️ KMS Integration
    ✔️ Integrity
      🧪 Data Validation
        👁️ Manual Checks
        🤖 Automated Validation
        🔗 Blockchain Records
      🔄 Change Control
        📝 Audit Trails
        ♻️ Versioning
        🛡️ Non-Repudiation
      🏆 Quality Assurance
        🧑💻 Code Analysis
        🧩 Test Coverage
        🏅 SLSA Level 3
    ⏰ Availability
      🛡️ Resilience Levels
        💾 Backup/Restore
        🔥 Pilot Light
        ♨️ Warm Standby
        🌐 Multi-Site Active/Active
      📊 Recovery Metrics
        🕑 RTO Targets
        ⏳ RPO Objectives
        📈 Uptime SLAs
      👀 Monitoring
        ❤️ Health Checks
        🚨 Alerting
        💥 Chaos Testing
```
| Featured article on innovative use of technology for political transparency | Coverage on Citizen Intelligence Agency's monitoring capabilities | Recognized in survey of parliamentary monitoring organizations |
```mermaid
mindmap
  root((👨💼 James Pether Sörling))
    🔐 Information & Security Leadership
      👨💼 CISO / ISO Roles
      🛡️ Security Architecture
      🧩 CIA Triad Implementation
      🛠️ Policy Development & Governance
      📊 Risk Management
      🔍 Audit & Compliance Oversight
      🤖 AI Governance
      🌐 Open Source Program Office
    🏛️ Frameworks & Compliance
      📄 ISO 27001
      📄 NIST 800-53
      📄 VDA-ISA
      📄 CIS Controls
      🏷️ Data Protection / GDPR
      📋 ISMS Implementation
      🧪 Continuous Improvement
    ☁️ Cloud & Platform Security
      🌐 Multi-Cloud (AWS / Azure)
      🏗️ Enterprise & Reference Architectures
        🌍 Multi-Region Design
        🔁 Resilience & Failover
        ♻️ High Availability Patterns
      🔒 Secure Cloud Services
        Security Hub
        GuardDuty
        KMS
        WAF
      🧱 Network & VPC Security
      🔑 IAM / Least Privilege
    🛠️ Infrastructure as Code
      🧾 CloudFormation
      🛠️ Terraform
      🔄 GitOps / Pipelines
      🔍 Template Scanning
      📦 Supply Chain (SLSA Level 3)
    💻 Software Engineering
      ☕ Java / Spring
      ⚛️ React / TypeScript
      🐘 PostgreSQL
      🔄 CI/CD Automation
      🧪 Automated Testing
      🧵 Secure SDLC (SSDLC)
      📈 Code Quality (SonarQube)
    🔬 Security Operations & Assurance
      🚨 Incident Response
      🕵️ Vulnerability Management
      📈 Security Monitoring
      🧪 Threat Modeling
      📜 Logging & SIEM Use
    🌍 Open Source Leadership
      📋 CIA Compliance Manager
      🏛️ Citizen Intelligence Agency
      🧩 Sonar-CloudFormation-Plugin
      🔧 cfn-nag Contributions
      🤝 Community Engagement
      👀 Code Review / Security Tooling
    🏆 Certifications & Recognition
      🎓 CISSP
      🎓 CISM
      🥇 AWS Security Specialty
      🥇 AWS Solutions Architect Professional
      🛡️ SLSA Level 3 Attestations
    🚀 Strategic Impact
      🔓 Transparency Advocacy
      🧭 Security-by-Design Enablement
      🧠 Knowledge Sharing / Speaking
      📢 Public Policy & Civic Tech
```
Experienced technology professional specializing in information security and delivery of secure cloud systems. Strong advocate for transparency in organizations and committed to ensuring robust security posture for modern applications through open source solutions.
Last updated: 2025-05-13 08:23:39
