Before the breach. Beyond the perimeter. Illuminate your threats.
// Human expertise. Platform precision. Reactive to proactive.
COMING 2026
Hikari Unified Platform — SaaS built in Switzerland. Real-time posture, compliance automation, zero trust orchestration and continuous audit. One platform. Every layer.
Secure only what you need. Hikari operates across every layer of your threat surface — from architecture to governance, cloud to endpoint, detection to resilience.
STRATEGY & GOVERNANCE
Security Strategy & Risk Governance
Enterprise-wide frameworks aligned with ISO 27001, NIST CSF 2.0, and CIS Controls. Board-level risk reporting to operational controls.
ISO 27001 · NIST · CIS · SOC 2 · NIS2
ARCHITECTURE
Zero Trust Architecture
End-to-end zero trust across identity, network, workload and data. 500+ enterprise deployments using Microsoft, Okta, Prisma, and SASE.
Zero Trust · IAM · SASE · Microsegmentation
CLOUD SECURITY
Cloud & Multi-Cloud Security
Cloud-agnostic across Azure, AWS, GCP, and Alibaba — CSPM, CWPP, DevSecOps, and sovereign cloud compliance for complex hybrid environments.
CSPM · CWPP · DevSecOps · Azure · AWS · GCP
DETECTION & RESPONSE
SecOps, IR & Threat Intelligence
Automated SecOps architecture, CTI platforms, SIEM, forensics, and crisis coordination. Built from real-world incidents — ransomware, data leaks, infrastructure attacks.
SIEM · EDR/XDR · CTI · Forensics · IR
COMPLIANCE
Continuous Compliance & Audit
Continuous compliance monitoring — not annual snapshots. SOC 2 Type II, ISO 27001, GDPR, LPD, NIS2. We manage controls, evidence, and the audit journey.
SOC 2 · ISO 27001 · GDPR · LPD · NIS2
OFFENSIVE SECURITY
Penetration Testing & Red Team
External and internal pentests, assumed breach, web/API/network assessments, social engineering and full red team operations to validate real resilience.
Pentest · Red Team · OSINT · Social Engineering
IDENTITY & DATA
Data Protection & Identity
DLP, CASB, encryption and IAM governance across hybrid environments — securing every identity and every data flow, from endpoint to cloud.
DLP · CASB · IAM/PAM · Encryption
RESILIENCE
BCP, DRP & Security Awareness
Business continuity, disaster recovery, crisis simulation and security awareness programs. Your people are the most powerful resilience lever — we activate them.
BCP/DRP · Awareness · Crisis Sim · Training
THIRD-PARTY RISK
Supplier Oversight & Third-Party Risk
Leaving your supplier's door open is leaving yours open too. We assess, monitor and build confidence in your third-party ecosystem — so a vendor's weakness doesn't become your breach.
Third-Party Risk · Vendor Assessment · Supply Chain · TPRM
// WHO WE SERVE
Built for every scale and sector.
From Geneva SMEs to Fortune 500 enterprises, international organizations to regulated institutions — our approach adapts to your reality.
PRIVATE SECTOR
SMEs, ETIs & Enterprise
Turnkey packages for organizations without a security team, through to complex Fortune 500 multi-cloud environments. We deliver at every scale.
PUBLIC SECTOR
Public Institutions & Administrations
Cantonal administrations, public hospitals, critical infrastructure operators. Compliance-first, operationally resilient, built for public accountability.
INTERNATIONAL ORGANIZATIONS
IGOs, NGOs & Diplomatic Entities
Geneva is home to the world's most sensitive organizations. Discrete, sovereign, and certified — security where confidentiality is non-negotiable.
REGULATED SECTORS
Finance, Health & Critical Infrastructure
Banking, healthcare, energy, connected vehicles. Deep expertise in highly regulated verticals — compliance-first without compromising performance.
HIKARI PLATFORM — COMING 2026
One platform. Every layer.
// Built in Switzerland. Designed to unify visibility, automate compliance, and orchestrate zero trust across your entire organization — without the noise.
// PLATFORM PILLARS
What the platform will deliver.
01 — UNIFIED POSTURE
Real-time security posture dashboard
A single pane of glass across cloud, endpoint, identity and network. Risk-scored, prioritized, and actionable — not raw alerts. Know where you stand, always.
COMING 2026
02 — COMPLIANCE AUTOMATION
Continuous audit engine
Automated evidence collection and control mapping for ISO 27001, NIS2, GDPR, LPD and SOC 2. Always audit-ready — not once a year. Built from real audit experience.
COMING 2026
03 — ZERO TRUST ORCHESTRATION
Identity-based zero trust controls
Enforce zero trust policies across every access point. Identity-centric, context-aware, and adaptive to your specific environment and risk profile.
COMING 2026
04 — THREAT INTELLIGENCE
Integrated CTI & proactive threat feeds
Threat intelligence contextualized to your industry, infrastructure, and exposure. Shift from reactive alerting to proactive anticipation — before the attacker moves.
COMING 2026
FULL-SPECTRUM SECURITY SERVICES
Know your exposure. Secure what matters. Every layer secured.
From governance to offensive security, cloud architecture to compliance — Hikari delivers across every dimension of your threat surface.
STRATEGY
Security Strategy & Risk Governance
Enterprise-wide frameworks aligned with ISO 27001, NIST CSF 2.0, and CIS Controls. Board-level risk visibility to operational security controls.
ISO 27001 · NIST · CIS · SOC 2
ARCHITECTURE
Zero Trust Architecture
500+ enterprise deployments. Identity, network, workload and data — end-to-end zero trust using Microsoft, Okta, Prisma Cloud and SASE frameworks.
Zero Trust · IAM · SASE · Okta
CLOUD
Cloud & Multi-Cloud Security
Azure, AWS, GCP, Alibaba. CSPM, CWPP, DevSecOps and sovereign cloud — including PaaS security architecture informed by firsthand vulnerability research.
CSPM · CWPP · DevSecOps · PaaS Security
DETECTION
SecOps, Incident Response & CTI
Automated SecOps, SIEM, forensics, and crisis coordination — built from managing real incidents including ransomware, data leaks, and nation-state-adjacent attacks.
SIEM · EDR/XDR · CTI · IR
COMPLIANCE
Continuous Compliance & Audit
Continuous monitoring over point-in-time audits. ISO 27001, SOC 2 Type II, NIS2, GDPR, LPD — evidence management, control tracking, and full audit journey support.
ISO 27001 · SOC 2 · NIS2 · GDPR
OFFENSIVE
Penetration Testing & Red Team
External, internal, assumed breach, web/API/network, social engineering and full red team operations — to test real resilience, not checkbox compliance.
Pentest · Red Team · OSINT · Physical
IDENTITY & DATA
Data Protection & Identity
DLP, CASB, encryption and IAM/PAM governance. Every identity, every data flow — from endpoint to cloud, across hybrid environments.
DLP · CASB · IAM/PAM · Encryption
RESILIENCE
BCP, DRP & Security Awareness
Business continuity, disaster recovery, crisis simulation and awareness programs. People are the most powerful resilience lever — we activate them.
BCP/DRP · Awareness · Crisis Sim
THIRD-PARTY RISK
Supplier Oversight & Third-Party Risk
Leaving your supplier's door open is leaving yours open too. We assess, monitor and build confidence in your third-party ecosystem — so a vendor's weakness doesn't become your breach.
Third-Party Risk · Vendor Assessment · Supply Chain · TPRM
WHO WE SERVE
Every scale. Every sector.
Private, public, international — Hikari Security adapts its approach to your organizational reality, regulatory context, and risk profile.
PRIVATE SECTOR — SME & ETI
Swiss SMEs & Mid-Market
Organizations without a dedicated security team — or with one that's stretched thin. Turnkey packages focused on what actually matters: visibility, detection, compliance simplified, and a clear roadmap. No unnecessary complexity. Pay for what you need to secure.
PRIVATE SECTOR — ENTERPRISE
Large Enterprises & Fortune 500
Complex multi-cloud environments, global workforces, thousands of applications. Hikari has operated at this scale — securing infrastructure for major automotive, luxury, and technology groups — and delivers accordingly.
PUBLIC SECTOR
Public Institutions & Administrations
Cantonal governments, public hospitals, critical infrastructure operators. Security built for public accountability — compliant, resilient, and aligned with Swiss regulatory requirements including the revised LPD and sectoral mandates.
INTERNATIONAL ORGANIZATIONS
IGOs, NGOs & Diplomatic Bodies
Geneva hosts the highest concentration of international organizations in the world. Hikari brings discretion, sovereign infrastructure, and expertise in environments where confidentiality and geopolitical sensitivity are inherent constraints — not edge cases.
REGULATED SECTORS
Finance, Health & Critical Infrastructure
Banking, healthcare, energy, connected vehicles. Deep vertical expertise in environments where security failure is systemic risk. Compliance-first architectures that don't compromise operational continuity — validated under FINMA, HUG, ISO, and GDPR frameworks.
STARTUPS & SCALE-UPS
Tech Startups & Growth Companies
Security built in from day one — not bolted on at Series B. Secure architecture, compliance readiness, and investor-grade governance for companies building at speed in regulated or sensitive markets.
I founded Hikari Security — 光, the light — because I've seen what happens in the dark. Ransomware paralyzing entire operations. Data leaks traced back to architectural blind spots. CEOs and CISOs running in circles during a crisis with no structured response. I've been in those rooms. I know what it costs.
Over 14 years, I've secured infrastructure for some of the world's most complex environments — a connected vehicle ecosystem spanning 3 million assets and hundreds of thousands of employees, luxury global infrastructure, and group-wide security leadership across thousands of cloud and on-premise applications.
Hikari Security exists to give organizations — at any size — the security posture they deserve. Not the one their budget dictates. My approach is simple: What. How. Why. Understand the threat. Build the response. Make it stick.
Founded Hikari Security to help organizations shift from reactive to proactive. Engaged in ransomware response, data leak investigations, infrastructure hardening, and zero trust architecture deployments across multiple Swiss and European organizations.
2023 – 2025
Group Information Security Officer
Kudelski Group · Switzerland
Led group-wide cybersecurity strategy. Oversaw logical and physical security, designed automated SecOps architecture, built a Cyber Threat Intelligence platform, led penetration testing programs, and managed SOC 2 Type II and ISO 27001 audits.
2021 – 2023
Cloud Security Solutions Lead
Kudelski Security · Switzerland
Delivered 500+ Zero Trust architecture projects for Fortune 500 clients leveraging Microsoft, Okta, and NIST Cybersecurity Framework across complex enterprise environments.
2020 – 2021
Cloud Security Lead
Richemont · Switzerland
Defined cloud security strategy and governance for a global luxury group. Implemented CSPM with Prisma Cloud across AWS, GCP, and Alibaba. Led security architecture for all Maisons.
2018 – 2020
Cloud Security Solutions Architect
Renault-Nissan-Mitsubishi Alliance · France
Secured a cloud ecosystem supporting 3 million connected vehicles. Designed Azure IaaS and PaaS security architectures, led DevSecOps initiatives, deployed SIEM, IAM, and Bastion solutions. Discovered and disclosed a critical vulnerability in Pivotal Cloud Foundry PaaS shared secret isolation.
2012 – 2018
Earlier career: Security Solutions Architect at TotalEnergies · Security & Networks Engineer at BNP Paribas · QA Engineer at MYCOM — foundational roles across network security, firewall infrastructure, and enterprise QA.
RESEARCH, INTELLIGENCE & FIELD INSIGHTS
From the field. For the field.
Original research, disclosed vulnerabilities, threat intelligence analysis and operational insights from 14 years at the intersection of security architecture and live incident response.
During security architecture work on a PaaS environment supporting 3 million connected vehicles, a critical vulnerability was identified in Pivotal Cloud Foundry: applications running on the same foundation shared secrets without proper isolation or segmentation boundaries. This meant a compromised application could potentially access credentials belonging to entirely separate tenants on the same platform — a fundamental violation of the multi-tenancy security model.
The vulnerability was responsibly disclosed to Pivotal in 2018. Pivotal Cloud Foundry was subsequently acquired by VMware in a $2.7 billion transaction in 2019. The research underscores a persistent blind spot in PaaS shared infrastructure: the assumption of platform-level isolation that does not hold under adversarial conditions.
THREAT INTELLIGENCE · OPERATIONAL INSIGHT
Cyber Operations in Geopolitical Conflict: Attack Patterns, Data Leak Strategies & State-Adjacent Threat Actors
Involvement in incident response and threat intelligence operations has provided direct exposure to cyber campaigns aligned with geopolitical conflict — including data exfiltration operations, strategic infrastructure targeting, and psychological operations via leak disclosure. This insight covers the anatomy of state-adjacent cyber operations: how attackers select targets, how data leaks are weaponized as geopolitical instruments rather than purely criminal acts, the role of misinformation layers in obscuring attribution, and the gap between technical detection and strategic understanding of attacker intent.
Understanding what was stolen, why, and how it will be used is as important as the containment itself. This work informs Hikari's approach to CTI — oriented toward strategic context, not just IOC matching.
FIELD ANALYSIS · ONGOING
From Reactive to Proactive: The Architecture of Resilience in Organizations That Survive Incidents
Based on direct involvement in ransomware responses, data leak containments, and infrastructure recovery operations across multiple industries, this analysis identifies the structural differences between organizations that recover quickly and those that are paralyzed for weeks.
Key findings: the organizations that recover fastest have pre-defined crisis governance, not just technical playbooks. Detection speed matters less than decision speed. And security awareness at all levels — not just the SOC — is the single most differentiating factor. This underpins Hikari's core methodology: What. How. Why. — applied before the incident, not during it.
ARCHITECTURE INSIGHT · APPLIED RESEARCH
Zero Trust in Practice: What 500+ Deployments Reveal About the Gap Between Theory and Implementation
After delivering zero trust architecture across more than 500 enterprise engagements — spanning connected vehicles, luxury retail, media technology, and financial services — a clear pattern emerges: zero trust fails not at the technology layer but at the identity governance and change management layer.
Organizations that succeed treat zero trust as an ongoing operating model, not a project with a completion date. The critical enablers are continuous identity verification, context-aware access policies, and security teams empowered to enforce controls that occasionally break user experience. This insight series draws directly from deployment experience to offer practitioners a ground-level guide.
SECURITY DIAGNOSIS · FREE & CONFIDENTIAL
Let's assess your exposure.
// Tell us about your organization. We'll come back to you within 48 hours with a first assessment and a clear next step.
// CONTACT
Request a Security Diagnosis
LEGAL · PRIVACY POLICY
Privacy Policy
Your data. Your rights.
// Last updated: June 2026 · Hikari Security Sàrl · Geneva, Switzerland
When you submit a Security Diagnosis request, we collect the following information:
· First and last name
· Job title
· Company / organization name
· Professional email address
· Phone number (optional)
· Organization size
· Security concerns (selected categories)
· Free-text message content
No sensitive data (health, financial, political) is requested or processed through this form.
// 03 — WHY WE COLLECT IT
Purpose of Processing
Your data is collected and processed exclusively for the following purposes:
· To respond to your Security Diagnosis request
· To assess your needs and propose an appropriate service
· To follow up on our exchange if a mandate is initiated
Your data will never be used for unsolicited marketing, sold to third parties, or shared with any external organization without your explicit consent.
// 04 — HOW LONG WE KEEP IT
Data Retention
Data submitted through the contact form is retained for a maximum of 12 months from the date of your request, unless a contractual relationship is established — in which case applicable legal retention periods apply.
You may request deletion at any time (see section 06).
// 05 — THIRD PARTIES
No Data Sharing
Hikari Security does not sell, rent, or share your personal data with any third party.
No third-party analytics, advertising trackers, or profiling tools are used on this website. This site does not use cookies beyond what is strictly necessary for navigation.
// 06 — YOUR RIGHTS
Access, Rectification & Deletion
In accordance with the Swiss Federal Act on Data Protection (nLPD, in force since September 2023) and the EU General Data Protection Regulation (GDPR), you have the right to:
· Access the personal data we hold about you
· Rectify any inaccurate or incomplete data
· Request deletion of your data at any time
· Object to processing or request restriction
· Data portability — receive your data in a structured format

· Swiss nLPD — Federal Act on Data Protection (revised, in force September 2023)
· EU GDPR — General Data Protection Regulation (2016/679), where applicable
Any dispute relating to this policy shall be subject to the jurisdiction of the courts of Geneva, Switzerland.
// We believe in the security community. If you've found a vulnerability, we want to hear from you.
// OUR COMMITMENT
Hikari Security is committed to working with security researchers and the broader community to identify and responsibly address vulnerabilities. We take all reports seriously and will investigate every submission promptly.
If you discover a vulnerability affecting Hikari Security systems or services, please report it to us before disclosing it publicly. We commit to working with you transparently and in good faith.
Please include the subject line: [SECURITY DISCLOSURE]
Your report should include:
· A clear description of the vulnerability
· The potential impact and affected systems
· Steps to reproduce the issue
· Any proof-of-concept code or screenshots (if applicable)
· Your contact details (optional — anonymous reports accepted)
// OUR RESPONSE COMMITMENT
· Acknowledgement within 48 hours of receiving your report
· Initial assessment within 7 days
· Regular updates on remediation progress
· Credit for your discovery (if desired) upon resolution
// SCOPE
This policy applies to vulnerabilities found in:
· hikarisecurity.io and all subdomains
· Hikari Security platform and services
Please do not conduct any testing that could impact service availability, access or modify data belonging to others, or violate applicable laws.
// SAFE HARBOUR
Hikari Security will not pursue legal action against researchers who discover and report vulnerabilities in good faith, in accordance with this policy. We consider responsible disclosure a valuable contribution to the security community and to our clients.
Hikari Security Sàrl · Geneva, Switzerland · Last updated June 2026