The Company

Delivering confidence in all aspects of information security through assessment and penetration testing

Cyber-attacks and massive breaches are increasing year-over-year, costing organizations big dollars along with their reputations. Security regulations are increasing in complexity and and more frequently audited and enforced.

Illumant helps companies navigate the security and threat landscape to become more secure, less of a target, and more compliant.

Illumant is the only security assessment vendor we've used twice. There is a reason for that. They did an excellent job! Matthew Ryffel, Manager, Network Operations and Information Systems, Valley Health System

Founded in 1999, Illumant has been at the forefront of Internet and information security since its inception. Illumant was one of the first companies to offer penetration testing and security assessment services to its clients, long before security was little more than an afterthought. Illumant was among the first companies to offer security compliance services as information security standards, laws and regulations started to emerge.

Illumant's founders graduated from Stanford University with degrees in Engineering and Physics in the earliest stages of the first Internet bubble, with the aim to address the vastly underserved information security arena. Illumant crafted services to help organizations identify security weaknesses in technical infrastructure and security posture to help head off threats before potentially costly security breaches.

Utilizing an arsenal of assessment services spanning internal and external, and technical and organizational perspectives, including:

  • penetration testing,
  • vulnerability assessment,
  • policies and procedures assessment,
  • security compliance services,
  • risk assessment; and,
  • social engineering

Illumant has conducted thousands of assessment and compliance engagements, helping over 800 clients protect themselves from cyber-attacks. Illumant has helped companies across all verticals including hospitals, research universities, schools, law firms, utilities, government agencies, cities, counties, tech firms, manufacturing firms, online retailers, oil and gas companies, and financial institutions.

Our Clients

Our Team

Matija Siljak Director of Advisory ServicesB.S., M.S., Stanford University, CISA

Matija helps Illumant's clients design assessment solutions that address their specific needs, while helping develop new assessment solutions to counter emerging threats and tackle emerging compliance requirements.

Mark F. Snodgrass Director of Technical OperationsB.S., M.S., Ph.D., Stanford University, CISA, CISSP, GPEN

Mark oversees all assessment operations for Illumant, while driving the development of tools and techniques to address emerging threats and vulnerabilities, and to add value to the assessment process.

Cedric Bennet Senior Solutions AdvisorB.A., San Francisco State University

As Emeritus Director, Information Security Services for Stanford University, Ced heads up Illumant’s higher education practice, developing methodologies to address the needs of this vertical as well as other verticals that share similar security concerns.

Claus Schafhalter V.P. Information Security Risk Management and ComplianceB.S., M.S Technical University, Graz, Austria

Along with Roger Smith, Claus develops Illumant's consulting methodologies and manages Illumant's IT security risk assessment and compliance projects.

Roger Smith V.P. Information Security Risk Management and ComplianceB.S., Trinity College, CISA, CISSP, QSA

Along with Claus Schafhalter, Roger develops Illumant's consulting methodologies and manages Illumant's IT security risk assessment and compliance projects.

Brian Kirsch V.P. Security Assessment and ComplianceB.S., M.S., Stanford University, CISA, CISSP, QSA

Brian manages Illumant’s technical security assessment projects as well as audit and compliance engagements, with focus on PCI, SOX and SOC2.

Chang Kim V.P. OperationsB.S., Stanford University

Chang oversees Illumant's recruiting and internal operations functions, including methodology development, business process modeling, and operational reporting.