Puffin Security

Puffin Security

Speciality: Adversary Emulation and Red Teaming

Madrid, Spain 6 employees Publishes CVEs
Visit Website View on LinkedIn
[01] About

Cybersecurity company specializing in penetration testing, cybersecurity assessments, and red team services; 2 employees with -14.3% YoY growth; founded 2010; based in Madrid, Spain.

Puffin security has been providing cybersecurity solutions successfully over 10 years. We have an international background operating in different countries and industries to protect what matters most against your threat landscape. We aim to deliver the maximum impact for your IT security investment. We offer a range of cybersecurity services that help you prevent and respond to evolving threats, including: security assessments, compliance readiness, vulnerability scanning and penetration testing, cybersecurity strategy development, and more. We advise on your cybersecurity strategy depending on your current level of maturity to help you define your security perimeter, objectives and procedures. We can identify gaps, prioritize security spending, and reduce enterprise risk when you work with our certified security experts.
[02] Services
Cybersecurity Audit And Assessment
Penetration Testing
Red Team Services
Managed Detection And Response (mdr)
Vulnerability Assessment
Incident Response
Cybersecurity Consulting.
[03] Certifications
Certified Ethical Hacker (ceh)

Certified Ethical Hacker (CEH) Certification


Origin and Creation


The Certified Ethical Hacker (CEH) certification was created by the International Council of E-Commerce Consultants (EC-Council) in 2003. EC-Council, founded by Jay Bavisi, developed this certification in response to the growing need for standardized training in ethical hacking and penetration testing methodologies. The program was designed to legitimize the practice of "white hat" hacking by establishing a professional framework for security professionals who need to think like malicious hackers in order to better defend their organizations' systems and networks.


Industry Value and Importance


The CEH certification is widely recognized and valued in the cybersecurity industry because it validates a professional's knowledge of current hacking techniques, tools, and methodologies from an attacker's perspective. Many government agencies, including the U.S. Department of Defense, and numerous private sector organizations recognize CEH as meeting their information assurance training requirements. The certification demonstrates that holders understand how to identify vulnerabilities and weaknesses in systems, making them valuable assets for organizations seeking to strengthen their security posture through proactive testing and assessment.
Certified Information Systems Security Professional (cissp)

Origins of CISSP


The Certified Information Systems Security Professional (CISSP) certification was created by the International Information System Security Certification Consortium, known as (ISC)², in 1994. It was developed in response to the growing need for a standardized credential that could validate the knowledge and expertise of information security professionals. The certification was designed to establish a common body of knowledge for the cybersecurity field and provide organizations with a reliable way to identify qualified security practitioners during a time when information security was becoming increasingly critical to business operations.


Industry Value and Importance


The CISSP is widely recognized as one of the most prestigious and valued credentials in the cybersecurity industry. It demonstrates that holders possess comprehensive knowledge across eight security domains, including security architecture, risk management, and software security. Many government agencies, including the U.S. Department of Defense, and Fortune 500 companies either require or strongly prefer CISSP certification for senior security positions. The certification's rigorous requirements—including five years of professional experience and passing a challenging exam—combined with mandatory continuing education, ensure that CISSP holders maintain current, relevant expertise, making it a trusted benchmark for cybersecurity competence worldwide.

SANS GIAC Penetration Tester (gpen)