Our main services

Embedded / Mobile

Narf are experts in what you carry in your pocket, what regulates your thermostat, what surveils your business and everything else that consitutes the Internet of Things (IoT).

Bring us in to answer the questions you didn't know you needed to ask. Hire us to tackle the unknown unknowns.

Secure Design

Vulnerabilities happen. They don't have to keep you up at night.

Leverage Narf's expertise to make vulnerabilities in your apps or infrastructure matter less.

We engage early in the design process to address issues before they become problems.

Application Security Assessment

Avoid the embarassment of shipping insecure code by letting us take a look first. We promise we'll be gentle.

Give confidence to your Secure Development Lifecycle (SDL). Use Narf's offensive background as your asset. Allow us to think like attackers before attackers think like attackers.

Narf Labs

Custom design, architecture and implementation that exceed your security requirements and project needs.

Whether commercial or government, help us help you take over the world.

Other services

Forensic Discovery
+ Due Diligence

Narf brings an extensive forensics background to the table, ready to find whatever it is you're looking for.

Publicly, we have collaborated with Basis Technology on Autopsy and The Sleuth Kit (TSK).

Privately, we have conducted forensic discovery as part of incidence response efforts and due diligence investigations on behalf of some of the largest corporations.

Ask us about our mobile and government offerings.

Technical, Security-Cognizant Japanese Translation & Localization

With a presence in Tokyo and fluent/native Japanese speakers, Narf is the choice when it comes to techincal, security-cognizant Japanese <-> English translation.

Penetration Testing

Narf has an average of 0.8 DEF CON CTF black badges per employee. Let us work our magic on your network before the bad guys do.

Incident Response

Remediate, mitigate and, most importantly, learn from mistakes.

Narf knows how attackers think and how to confound future efforts.

We've done this for some of the largest U.S. companies and we can do it for you too.