Delivering cyber security assurance since 2013

Helping you build, test and operate secure applications and infrastructure fit for the Digital Age

Cyber security assurance since 2013

Danielyan Consulting is a UK-based specialist provider of cyber security assurance services including penetration testing, security engineering and incident response since 2013.

  • Web application penetration testing
  • Infrastructure penetration testing
  • Incident response & investigations
  • Security engineering & design
  • API penetration testing
  • Expert witness services (England & Wales)

All our services are personally provided by a senior accredited consultant with over 20 years of experience, who is also an accredited expert witness and published author.

Free initial consultation

We offer a free initial consultation to all our clients. This session allows us to understand your unique security posture, discuss your concerns, adapt our approach to meet your specific needs and provide a tailored and competitive quote for our services.

Free retesting of identified findings

Following the testing, assessment and identification of any weaknesses and vulnerabilities, we extend our commitment to your cybers ecurity by offering a free retest of any identified findings. This ensures that any vulnerabilities discovered during the initial assessment are effectively addressed, reinforcing the security of your systems and providing evidence-based assurance at the end of the engagement.

Free remote remediation consultancy

Recognising the importance of not just identifying but also remedying security weaknesses, we provide complimentary remote remediation consultancy to help your IT or development team to address them. This service is designed to support your team in implementing the necessary changes, providing expert advice and guidance every step of the way.

Free certificate of testing

Upon completion of penetration testing, where no critical or high-risk findings are identified, or upon the full remediation and retesting of such findings, we issue a certificate of testing alongside the detailed report. This certificate can be shared with third parties, such as clients and partners, as a tangible demonstration of your commitment to cyber security without sharing the confidential details in the report.

Our Cyber Security Assurance Services

Web app penetration testing

Penetration testing of Web applications involves the identification of security weaknesses and vulnerabilities caused by insecure coding practices, misconfiguration and bugs. It is usually performed on a test instance of the application but can also be performed on live instances if required.

Infrastructure penetration testing

Infrastructure penetration testing identifies vulnerabilities and misconfigurations that can be exploited to obtain unauthorised access to data, systems or hosted applications. Specific testing activities and methodologies may differ depending on the scope and objectives of the infrastructure testing engagement.

API penetration testing

More and more applications depend on publicly accessible Application Programming Interfaces (APIs) to provide their core functionality as well as to integrate with or extend other applications and data sources. With all the versatility and features of APIs come potential security weaknesses and vulnerabilities.

Security engineering & design

Security engineering is the methodological identification and specification of security requirements and their design and implementation in a given system or application taking into account its environment, users and business objectives.

Incident response & investigations

Incident response is a coordinated effort to rapidly respond to a security incident in the most efficient, cost-effective manner. The goal of incident response is to quickly identify an attack, minimise its effects, contain the damage, as well as identify and remediate the root cause of the incident to reduce the risk of future incidents.

Expert witness services (England & Wales only)

Expert witnesses are individuals who are recognised as authorities in their field and are called upon to provide their specialised knowledge and expertise in legal proceedings. They are typically called upon in court cases to provide opinions, analysis, and conclusions based on their expertise in a particular subject matter.

Book a free consultation today to discuss your security assurance requirements

Book a meeting

Danielyan Consulting in numbers

Over 200 happy clients

Over 300 engagements delivered

Over 11 years in business

Over 20 years of cyber security experience

Dave Hoare

Co-Founder & CTO, Codat

Codat has engaged Danielyan Consulting as our third party security consultant since the business first started in 2017. Danielyan Consulting have been a consistently excellent partner, taking the time to fully understand our systems and providing testing and advice tailored to our specific needs. They simultaneously make sure we have all the industry-standard boxes ticked, providing us with certificates and reports that are invaluable to our sales and compliance processes. We would not hesitate to use Danielyan Consulting again for our security testing, and regularly recommend them to other companies.

Neil Thompson

CTO, WorkInConfidence

WorkInConfidence engaged Danielyan Consulting to carry out penetration testing on both our SpeakInConfidence and ReferenceInConfidence products. This took the form of an initial test to baseline where we were and then a second test after we had implemented recommendations from their report. Edgar was very good at explaining the process that was to take place and providing support as we got to grips with the outcome of his initial report. It was a very worthwhile exercise and we would definitely use Danielyan Consulting again for our future security testing.

Mattias Altin

CTO, Derivitec

Edgar was hired to perform a penetration test on the Derivitec Risk Portal in December 2014. I found Edgar to be very professional and diligent in his work and we were very happy with his analysis and follow-up report. I will continue to use his services in the future and would highly recommend him to other companies.

Paul Brown

Technical Lead, ELBI

Edgar was recommended to me by a friend and colleague, as a knowledgeable and trustworthy advisor and consultant on security matters. Edgar has helped Elbi Digital advance the security of its platform by providing security consultation and expert external application penetration testing. As part of his consultancy he educated and advised the whole tech team on processes and software solutions to make the platform as secure as possible against the OWASP Top 10 at launch, and to remain as secure as possible in the future.

Dr Yann Golanski

Expert in Risk Mitigation, Compliance, and Software Engineering

Edgar possesses a fantastic depth of knowledge in both theoretical and practical aspects of cybersecurity. His ability to translate complex technical information into clear and understandable terms highlights his exceptional communication skills. His professionalism is exemplary, as he consistently approaches tasks with diligence, attention to detail, and integrity. Edgar's ability to identify vulnerabilities and provide actionable insights to enhance cybersecurity defences effectively.

George Stancliffe

CEO, LE Capital UK

Highly professional service. A great comfort to have Edgar's support.

Jon Webb

CTO, Product & Engineering Leader

Edgar is a consummate security professional. He goes above and beyond when explaining and executing processes and strategies for identifying threats and attack vectors. Then, when explaining the identified security issues he is super helpful in guiding teams through what is deemed as an appropriate/acceptable response.

Steve Canham

The Institute of Cancer Research

Edgar has made an enormous difference to security at the institute, bringing not only wide experience and knowlege but also the rigour and discipline this area requires, though always coupled with a willingness to discuss and explain issues and see things from multiple perspectives.

Edgar ter Danielyan: Director & Principal Consultant

Senior cyber security specialist with over 20 years of experience in security engineering, penetration testing, security management, intrusion analysis and security audit at organisations such as Microsoft, Skype, Citigroup, Deloitte, the Institute of Cancer Research and the Royal Bank of Scotland.

Elected Chartered Fellow of the British Computer Society in 2006 and left Microsoft to set up Danielyan Consulting in 2013.

Registered with the Council of Registered Ethical Security Testers (CREST) and regulated by BCS, the Chartered Institute for Information Technology.

Accredited as an expert witness by the Cardiff University Law School since 2022.

Professional qualifications include:

CREST Practitioner Security Analyst (CPSA, 2021),
CREST Practitioner Intrusion Analyst (CPIA, 2021),
CREST Registered Penetration Tester (2014),
AWS Certified Cloud Solutions Architect (2014),
CREST Registered Technical Security Architect (2013),
BSI ISO 27001 ISMS Lead Auditor (2007),
Certified Information Security Manager (CISM, 2006),
Chartered IT Professional (CITP, 2006),
Information Systems Security Management Professional (ISSMP, 2005),
Information Systems Security Architecture Professional (ISSAP, 2004),
Certified Information Systems Auditor (CISA, 2004),
Certified Information Systems Security Professional (CISSP, 2003).

Internationally published author of books and articles on computer security over the last 20 years.

Security is a process, not a product.


Bruce Schneier

Testing leads to failure, and failure leads to understanding.


Burt Ratan

To know how things really work, study them when they are coming apart.


William Gibson

Turn data into information, and information into insight.


Carly Fiorina

Book a free consultation to discuss your requirements