// Who We Are

Built by Practitioners.
Accountable to Results.

ctfwithai is a practitioner-led cybersecurity firm. We were founded by engineers who had spent years running engagements delivered by other firms and consistently found the same problem: the people who sold the work were not the people doing it.

We built ctfwithai to operate differently. Every engagement is owned end-to-end by the practitioner who scoped it. Our team spans offensive security, threat intelligence, cloud architecture, compliance, detection engineering, and training. That breadth is not a marketing claim — it reflects the actual expertise of the people on the team.

6
Practice Areas
25k+
People Trained
24/7
SOC Coverage
15 min
Critical Response

// What We Do

Full-Spectrum Security from One Team

Most security firms are either offensive shops or compliance consultancies. We cover the full spectrum because real security problems rarely stay in one lane. A red team finding that requires a cloud IAM fix, a compliance programme that needs threat modelling input, a SOC alert that turns into an incident response — these cross disciplines, and so do we.

Offensive

Find What Attackers Would Find

  • --Penetration testing
  • --Red team operations
  • --AI/LLM security assessments
  • --Social engineering
Defensive

Detect and Respond

  • --Managed SOC (24/7)
  • --Detection engineering
  • --Incident response
  • --Threat hunting
Intelligence

Know Your Adversary

  • --Threat intelligence programmes
  • --Dark web monitoring
  • --APT profiling
  • --The Bridge (free tool)
Cloud

Secure Modern Infrastructure

  • --Cloud security assessments
  • --IAM architecture review
  • --DevSecOps integration
  • --Kubernetes hardening
GRC

Meet Obligations, Build Controls

  • --ISO 27001
  • --SOC 2
  • --NIS2 and DORA
  • --GDPR and data protection
Training

Build Internal Capability

  • --Developer security training
  • --Security awareness
  • --Phishing simulation
  • --CTF competitions

// How We Work

What We Hold Ourselves To

01Practitioners First
Every engagement is run by the person who scoped it. We do not hand work off to junior staff after the sales call. The person you speak to is the person doing the work.
02Honest Scoping
If a smaller engagement solves the problem, that is what we recommend. We have turned down larger contracts because the client did not need them. That reputation is worth more to us than short-term revenue.
03Measured, Not Promised
Our SLAs are based on what we have consistently delivered, not what sounds good in a proposal. Median 15-minute response on critical SOC incidents. We can show you the data.
04One Accountable Team
Offensive, defensive, AI, intelligence, compliance, and training from a single team. No coordination overhead, no blame between vendors, one point of accountability for outcomes.

// The Team

The People Behind the Work

Our team is deliberately small and deliberately senior. Every person listed here is an active practitioner, not a manager. They hold certifications in their discipline but more importantly they hold track records of doing the work.

01

Saad Khattak

Founder & Lead Security Engineer

SK

Saad founded ctfwithai after a decade in offensive security, having run red team operations for financial institutions and critical infrastructure operators. His focus on AI security began with some of the earliest LLM deployments in production environments, where he identified the gap between how AI systems were being built and how they could be attacked.

Offensive SecurityAI/LLM PentestingRed Team Operations
OSCPCRTOCEH
02

Aryan Malik

Head of Threat Intelligence

AM

Aryan spent seven years in government threat intelligence before joining ctfwithai. He built the team's threat intelligence capability from the ground up, establishing the monitoring infrastructure, source network, and analytical methodology that now underpins client intelligence programmes and The Bridge platform.

Threat IntelligenceOSINTDark Web OperationsAPT Profiling
GCTIGCFESecurity+
03

Priya Nair

Cloud Security Lead

PN

Priya came to security from a software engineering background, which shapes how she approaches cloud assessments: she looks for what developers actually build rather than what security checklists assume. She has run cloud security programmes for SaaS companies scaling from startup to enterprise and holds deep expertise in AWS, GCP, and Azure identity and access management.

Cloud SecurityIAM ArchitectureDevSecOpsKubernetes Hardening
AWS Security SpecialtyCCSPCKS
04

James Okafor

GRC and Compliance Lead

JO

James has led compliance programmes at organisations ranging from regulated financial services firms to early-stage SaaS companies. His approach is to build controls into operational processes rather than treat compliance as a documentation exercise. He has guided clients through ISO 27001 certification, SOC 2 Type II audits, and NIS2 readiness reviews across multiple EU jurisdictions.

ISO 27001NIS2DORASOC 2GDPR
CISMISO 27001 Lead AuditorCRISC
05

Leila Haddad

Defensive Security and Detection Engineer

LH

Leila built and ran SOC teams at a managed security service provider before moving to consultancy. She specialises in detection engineering: building rule sets that fire on real attacks rather than generating alert noise, and in incident response for organisations that do not have an internal capability when something goes wrong. She has responded to ransomware incidents across manufacturing, healthcare, and retail.

SIEM EngineeringEDR TuningIncident ResponseThreat Hunting
GCIHGCIABTL2
06

Marcus Webb

Security Training Lead

MW

Marcus has trained over 25,000 developers, security engineers, and non-technical staff across financial services, technology, and public sector organisations. He designs training programmes grounded in real attack scenarios rather than compliance checkboxes, and leads our CTF competition design work which underpins the ctfwithai name.

Developer Security TrainingCTF DesignPhishing SimulationSAST/DAST
GWEBGSECCEH

// The Name

Why ctfwithai?

CTF stands for Capture the Flag — the competitive security challenges that most practitioners use to sharpen their skills. They require the same thinking as real attacks: patience, lateral reasoning, and deep technical knowledge applied under pressure.

The AI component reflects where security is heading. AI systems introduce attack surfaces that conventional tools were not built for. We started working on LLM security assessments before most firms knew what prompt injection was, and that early investment in understanding the new attack surface is now a core part of what we offer.

The name also reflects how we approach problems: like a CTF challenge, with curiosity, rigour, and the expectation that the answer is there if you are methodical enough to find it.

$ whoami

ctfwithai — full-spectrum cybersecurity

$ cat mission.txt

Reduce actual exposure. Demonstrate the difference. No bloated retainers. No off-shore hand-offs.

$ cat team.txt

6 practitioners. 6 disciplines. One accountable team.

$ cat scope.txt

Offensive · Defensive · AI · Intelligence · GRC · Training

// Work With Us

Tell us what you need to protect.

We scope every engagement from scratch. No templates, no upsell. Just an honest assessment of what your environment needs.

Get a Quote