{ services }

Software security

read more

Custom security

read more

Offensive capabilities

read more


read more

{ latest news }

Security Explorations completes operations

After 11 years of activity, Security Explorations completes its operations (...)

01 May. 2019
read more

Gemalto Java SIM cards research

Security Explorations discovers over-the-air applet loading vulnerability in Gemalto SIM card. The company makes a call for sponsors concerned about security of Gemalto solutions and willing to provide support for an independent security analysis of Gemalto Java SIM cards. (...)

15 Apr. 2019
read more

Multiple security vulnerabilities in Java Card

Security Explorations discovers multiple security vulnerabilities in Java Card technology. The company starts offering comprehensive security analysis of Java based smartcards used in financial, government, transportation and telecommunication sectors. (...)

20 Mar. 2019
read more
Go to newsroom

{ research }

"(…) security researchers at the Polish firm Security Explorations revealed another critical security flaw in Java that affects users of every browser that runs the plugin, including Chrome, Firefox, Safari and Internet Explorer, allowing a malicious hackers to gain complete control of a victim's machine through a rigged website."

Read now in Forbes

"A new zero-day exploit in multiple versions of Java puts roughly 1 billion users at risk to attackers and malicious code. The flaw was discovered by researchers at Poland's Security Explorations, a security firm that already has a known penchant for unearthing flaws in Java's notoriously buggy programming language."

Read now in NBC News

"Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found.The vulnerabilities could allow an attacker to escape from the Java Virtual Machine security sandbox and execute code on the underlying system, according to researchers from Security Explorations, a Polish security firm that found many vulnerabilities in Java over the past few years."

Read now in PC World

"Security Explorations earlier this month also notified IBM of 17 Java-related security issues in its products, 10 of which "successfully demonstrate a complete IBM J9 Java VM security sandbox bypass," said Gowdiak. The security issues are present in the IBM software development kit (SDK), which is a Java Standard Edition implementation from IBM that's available for a number of platforms (…)"

Read now in Dark Reading

"Reuters reports that Adam Gowdiak, Java security expert at Security Explorations, says Oracle's update leaves "several critical security flaws" unfixed. "We don't dare to tell users that it's safe to enable Java again," Gowdiak told Reuters."

Read now in CBC News

"Oracle issued an emergency fix today for vulnerabilities in its Java software about four months after Security Explorations, a security firm, warned the company about the bugs. The delay in providing a fix allowed more than 100,000 computers to get hacked, security firm FireEye estimated. So why did it take this long to provide a patch?"

Read now in Bloomberg

View our projects

Facts and

uncovered Java security issues


uncovered Java
security issues

in rewards for a project

~100 000$

in rewards for a project
targeting Google App

Argus Hacking Contest

No. 1

Argus Hacking Contest

featured over 200 times


featured over 200 times
in various publications

{ pricing }

We believe quality security evaluation and security research services do not need to be expensive. Our rates are constructed, so that they are competitive and affordable for businesses of various sizes and geographic locations (Poland along Western Europe and the US).

Check our rates