[AI] red teaming and security engineering from the hackers trusted by Claude, Gemini, and Cursor.
We hack you to steal your model weights and prompt caches. Then we fix the vulns and make sure no one else can.
Our Craft
Red Teaming
"So, people hire you to break into their places, to make sure no one can break into their places?" Precisely. Sneakers (1992) captured our business model before we were born.
Security Engineering
You know why Ferraris can hit 300 km/h? Because their safety engineers made it possible. We do the same for your products — good security doesn't slow you down, it lets you move faster.
Strategic Security Consulting
Security shouldn't be a tax — it's a superpower. We assess where you are, fix what's on fire, and hand you a roadmap that turns your security program into a competitive edge.
Incident Response
Got hacked? Breathe. Calm down. We've seen worse — once a marketing website tried to mine crypto. We'll chase the ghosts out of your network and make sure they never come back.
Our Edge
Award-winning hackers defending software that matters. From iPhone, Android, YouTube, and Gmail to the AI you use every day.
We don't just find holes. We make your software safer, faster, and easier.
We love the Internet, and we defend non-profits, hospitals, and the good guys.
In Good Company
Don't Take Our Word For It
Calif's recent viral blog posts demonstrate a staggering reality: how AI can be leveraged to identify and exploit RCE vulnerabilities within the FreeBSD kernel and classic text editors like Vim and Emacs.
However, even more impressive than their use of AI is the sheer depth of their technical competence. Our team at Google has engaged with Calif on various security assessments, during which they identified weaknesses and helped us harden our mitigations. Their ability to deliver exceptionally high-quality findings makes them an invaluable partner for any high-stakes security project.
It's always a pleasure working with Thai Duong and the entire Calif team. Security testing with an unparalleled level of quality. I don't post a lot, I don't do shout outs a lot but Calif delivers top tier work worthy of recognition.
I just want to say thank you Thai Duong and Calif for consistently scaring the life out of me. This team is the most innovative penetration/security tester I have ever worked with. Over the past 5 years, they have taken 15 years off of my life with their very creative approaches to destroying my faith in any security control that exists....anywhere. Ever. If you want to know the truth, use Calif.
It's important to call out the quality security vendors when we find them. Calif does high-caliber penetration testing with world class researchers!
I rarely do shout-outs or plugs on here, but I wanted to recognize Thai Duong and the team at Calif for the excellent work they do. The security assessment and penetration testing services market is so crowded with startups and incumbents alike -- it's often difficult to find firms that have the technical skills to stand out from the rest. It's great to work with top-tier red-teamers who truly know their craft!
This is... accurate. Thai Duong and the Calif team kill it 10 times out of 10.
We just completed another great red team engagement with Calif - again outstanding work! A good red team engagement is indistinguishable from art and Thai Duong and his team are true artists.
Grateful to call Calif a partner. We've worked with their team for a while on Spark audits, and more recently on hands-on development. They've consistently brought strong technical insight and have been excellent to collaborate with. Partnerships like this make a real difference. Thanks to the Calif team; excited to keep building together. 🙌
Shout out to Thai Duong and the team at Calif 🥷. I love a good pen test to learn new things about your infrastructure 😁
Let's Plot
Or skip the form and email us directly at help@calif.io.