A silhouette of a person with hands pressed against a static-filled screen or window, creating a dark contrast against the bright, noise-like background.

Why is building a Secure Product so hard?

It doesn’t have to be.

Find Security Peace of Mind

Number 1 inside a dark blue circle.

We analyze
your situation

Number 2 inside a navy blue circle.

We create a
playbook for you

Number 3 inside a dark blue circle on a white background.

We help you execute
on the Playbook

Book a free consultation
A woman resting her head on a table with a virtual reality headset on, in front of a laptop and documents, in a modern office setting.

Stop losing sleep

We know it's hard enough trying to win in the market without having to constantly watch your back

A diverse group of eight people standing in a circle with their hands stacked in the center, smiling and working together.

Fight Fear

We've been there. We have guided a variety of organizations and worked through tough challenges. So we know how to reduce your risk.

Four people having a discussion at a meeting table in a modern office with large windows and exposed brick wall.

Lack of qualified resources?

Stop wasting OPEX on unused, misconfigured, or poorly chosen infrastructure by engaging our experienced team. We can help guide your team through the playbook to reduce your risk.

A person writing in a lined notebook with a green sticky note attached, placed on a wooden desk next to a silver laptop with a blank white screen and a smartphone.

Devious Plan is a boutique security consultancy guiding development teams on their security journey through Security Architecture, Threat Modelling, Securing the public cloud, Security Training, and Penetration Testing. Specializing in supporting development organizations wishing designers, builders, and breakers to help them on their security path.

We enjoy crafting solutions to interesting and tough problems through architecture, threat modelling, mitigation design, and penetration testing. Researching new ideas, troubleshooting, communication, and thinking of six impossible things before breakfast make us tick.

All our services 
under one roof

DEVIOUS PLAN SERVICES

Icon of a document with two lines of text and a magnifying glass, indicating search or review.

Security Architecture

Our experience in systematic security control design and implementation protects your organization's information, assets, and resources from evolving threats.

Learn More

Cloud icon with a padlock symbol, representing cloud security or data protection.

Cloud Security

Devious Plan has demonstrated capabilities securing cloud infrastructures to create a resilient and secure cloud infrastructure that meets compliance requirements and safeguards against evolving cyber threats.

Learn More

Stylized outline of a folder and an exclamation mark, both in dark blue.

Threat Modelling

Threat Modelling during the design process helps developments teams design in compliance and Defence-in-Depth by proactively identifying potential security threats, threat actors, attack surfaces, and key targets.

Learn More

A navy blue symbol of two interlocking circles resembling an infinity sign.

Training

We have extensive experience sharing security domain knowledge crafted to individual team needs. Whether its tailored training to fill a skills gap after a pentest, secure coding workshops, or teaching your development team the “Dark Side”, we have the demonstrable experience to level up your team.

Learn More

Icon of a person at a desk with a laptop, a monitor, and a telephone.

DevSecOps

Devious Plan can support your DevSecOps methodology with experience in automation, continuous security testing, and fostering a culture of security awareness among all team members in an agile methodology.

Learn More

House icon with a lock symbol in the center, representing a secure or protected home.

Red Team Engagement

Our experience in industry-leading penetration testing methodologies (OWASP), including white-box, black-box, and grey-box testing simulate real-world cyber attacks on an organization's systems, applications, or networks.

Learn More

Hear what our Partners have to say

DEVIOUS PLAN CLIENTS

A man giving a presentation in a conference room, standing in front of a large screen displaying a slide, holding a remote control and wearing a smartwatch.

Andrew Wilder

Regional CISO, Americas, Asia, & Europe

“Devious Plan provided a pragmatic, common-sense approach that found business value to deliver exceptional solutions. Their approach supported and helped upskill team members and others across the organization based on their deep security knowledge.”

A smiling man with dreadlocks, facial hair, and wearing a dark shirt against a plain background.

Adam Lomas, CRISC

Head of Information Security,
Trust & Compliance
ManagedRisk

“Working with Devious Plan has meant access to the right skills at the right time, reducing the pressure to find and staff experts internally without compromising on speed, quality, or communication. From Security Assessments to Threat Modelling and risk-prioritized security roadmapping support tailored to the realities of each unique environment, Devious Plan has quickly and consistently delivered actionable ‘no nonsense’ insights focused on cost effective cyber-risk reduction.”

A man with dark, wavy hair and a beard, wearing a gray checkered blazer, white shirt, and a pocket square, smiling in front of a window.

Blake Mitchel

Lead Consultant and Founder
Fevor Consulting

“I have collaborated closely with the Devious Plan team for over two years, consistently observing their exceptional work and significant impact on their clients and the industry. I am confident in their proficiency in guiding development teams through the complex cybersecurity landscape.”

Contact Us

To find out how Devious Plan can be your guide

Learn more