Matthew Keeley
Founder
Zero-day researcher and RSA Conference speaker behind the CVSS 10 Erlang/OTP SSH exploit that made global headlines. He leads red teams deep inside Fortune 500 networks.
We are operators, researchers, and engineers who validate real risk, prove exploitability, and deliver fix paths teams can ship. US-based, senior-only, and proven in the wild.
When we publish, the industry pays attention. Our proof-of-concept work on critical vulnerabilities has been covered by leading security outlets.
The team collectively holds 17 industry certifications across offensive security, cloud architecture, and emerging technologies, a depth most boutiques can't match.
Operators, researchers, and tool-builders. The names below carry the CVEs, the frameworks, and the conference talks.
Founder
Zero-day researcher and RSA Conference speaker behind the CVSS 10 Erlang/OTP SSH exploit that made global headlines. He leads red teams deep inside Fortune 500 networks.
Head of Zero Day Research
Runs our vulnerability discovery program. 30+ published CVEs across embedded systems and enterprise software.
Senior Security Engineer
Leads our AI research initiatives and bridges secure application development with emerging AI security techniques.
Principal Security Researcher
Leads our capstone research program with Arizona State University and mentors emerging researchers. Reverse engineering, malware analysis, and threat intel.
Cybersecurity Researcher
Builds offensive tooling and post-exploitation frameworks, including the Eshu and Ender frameworks. First place in TryHackMe's Sapphire League.
Principal Security Researcher
Deep-dive research on emerging technologies and attack techniques, from adversary simulation to OSINT.
Principal Security Consultant
Mobile and IoT security assessments. Prolific bug bounty hunter.
Account Executive
Bridges technical depth with client needs and keeps engagements running clean from scope to delivery.
Matthew Keeley and Allen Foust founded DevilSec at Arizona State University. It grew from two people to 1,400 members and the #1 university team in the world on Hack The Box.
DevilSec won Boeing's Drone Defense Competition, placed top-three at WRCCDC, and became a recruiting powerhouse for top-tier pentesters.
Matthew founded ProDefense (now Platform Security) after years of Fortune 100 security consulting. In its early years the team published 20+ CVEs and delivered zero-days to Fortune 500 companies and government entities.
Research on the critical Erlang/OTP SSH RCE (CVE-2025-32433) was covered across The Hacker News, BleepingComputer, and Tenable. The team continues to run on the WRCCDC red team and ship original research.
No junior bench, no checklist farm. The person testing your environment could exploit it for real, and writes your report.
Scanners find issues; attackers chain them. We pursue the path from foothold to impact.
Every critical comes with exact, re-runnable steps. No severity inflation.
A prioritized, sequenced remediation path written for the people who ship it, then we re-test.
We partner with Arizona State University's Ira A. Fulton Schools of Engineering to mentor the next generation of offensive researchers. Students ship production-quality open-source tools back to the community.
US-based team only. Your sensitive data never leaves the country or touches offshore hands.
“Our last three vendors all signed off on us as secure. Platform Security walked in and chained a path straight to our crown jewels that every one of them missed.”
If you need a high-conviction assessment with evidence-backed reporting and a practical remediation path, we should talk.