We're here to push the frontier of vulnerability research with AI.
Exploring what's possible when you pair top models with human expertise. Trusted by Google and Anthropic.
How We Do It
$ ./frontier-vuln-research --with claude
We work with Anthropic and OpenAI to find the most interesting bugs and develop the most exotic exploits. We use the best models to discover new attacks, and explore what's possible at this new cyber frontier.
✓ 0-day discovered
$ ./security-engineering --scale production
Everything we learn attacking goes straight into building better defenses. We turn frontier vulnerability research into security systems that keep you ahead in a world where AI can hack anything.
✓ systems hardened
In Good Company
Don't Take Our Word For It
Calif's recent viral blog posts demonstrate a staggering reality: how AI can be leveraged to identify and exploit RCE vulnerabilities within the FreeBSD kernel and classic text editors like Vim and Emacs.
However, even more impressive than their use of AI is the sheer depth of their technical competence. Our team at Google has engaged with Calif on various security assessments, during which they identified weaknesses and helped us harden our mitigations. Their ability to deliver exceptionally high-quality findings makes them an invaluable partner for any high-stakes security project.
It's always a pleasure working with Thai Duong and the entire Calif team. Security testing with an unparalleled level of quality. I don't post a lot, I don't do shout outs a lot but Calif delivers top tier work worthy of recognition.
I just want to say thank you Thai Duong and Calif for consistently scaring the life out of me. This team is the most innovative penetration/security tester I have ever worked with. Over the past 5 years, they have taken 15 years off of my life with their very creative approaches to destroying my faith in any security control that exists....anywhere. Ever. If you want to know the truth, use Calif.
It's important to call out the quality security vendors when we find them. Calif does high-caliber penetration testing with world class researchers!
I rarely do shout-outs or plugs on here, but I wanted to recognize Thai Duong and the team at Calif for the excellent work they do. The security assessment and penetration testing services market is so crowded with startups and incumbents alike -- it's often difficult to find firms that have the technical skills to stand out from the rest. It's great to work with top-tier red-teamers who truly know their craft!
This is... accurate. Thai Duong and the Calif team kill it 10 times out of 10.
We just completed another great red team engagement with Calif - again outstanding work! A good red team engagement is indistinguishable from art and Thai Duong and his team are true artists.
Grateful to call Calif a partner. We've worked with their team for a while on Spark audits, and more recently on hands-on development. They've consistently brought strong technical insight and have been excellent to collaborate with. Partnerships like this make a real difference. Thanks to the Calif team; excited to keep building together. 🙌
Shout out to Thai Duong and the team at Calif 🥷. I love a good pen test to learn new things about your infrastructure 😁
Let's Plot
$ ./reach-out --or-email help@calif.io