(407) 227-2078 Tue–Sat 10–6 · Sun 11–4 Serving Sanford, FL & remote
Call me
The founder of Lindqvist Security working at a desk
one person no sales desk

About · Lindqvist Security

The person you call is the person who does the work.

No account manager, no junior handed your environment, no offshore handoff. When you hire Lindqvist Security, you get one experienced tester from the scoping call through the final attestation letter.

Book a scoping call See what I test & what it costs
Owner-led, start to finish Based in Sanford, FL Independent & vendor-neutral
A printed, annotated security report next to a keyboard

Why this exists

I got tired of reports nobody could use.

I spent years inside larger security firms, and the same thing kept happening. A client paid five figures, got back an 80-page PDF dense with scanner output, and then sat on it because no one could tell which three things actually mattered. The findings were real. The advice was buried.

Lindqvist Security is the answer to that. I take on a small number of engagements at a time so I can do the testing by hand, understand how your product is genuinely put together, and write a report your engineers can act on by Friday — not file away and forget.

Most of my clients are growing SaaS and health-tech teams in that awkward stretch where the product is moving fast, a customer or auditor is asking hard security questions, and there isn’t a full security team yet. That’s exactly where an honest outside set of eyes pays for itself.

— Erik Lindqvist Founder & lead tester

How I work

Four rules I won’t bend on.

These aren’t slogans on a wall. They’re the reasons clients send me their next round and refer their friends.

01

Plain language over fear

A finding only helps if you understand it. I rank every issue by the risk it poses to your business and explain it so a non-technical founder gets it too. No scare tactics to upsell a retainer you don’t need.

02

Fixed scope, fixed price

You get a firm number before I touch anything. No hourly meter, no surprise change-orders halfway through. If the scope grows, we agree on that together, in writing, before any work continues.

03

Test by hand, not just by scanner

Automated tools catch the obvious. The findings that matter — broken access control, business-logic flaws, the chain of small things that becomes a breach — take a human working through your app the way an attacker would.

04

Serious things, same day

If I find something critical mid-engagement, you hear about it that day — not weeks later when the report lands. Re-testing your fixes is included, so we close the loop instead of leaving you guessing.

What you can expect

Small shop, but nothing here is improvised.

Working with one independent tester shouldn’t mean working without structure. Here’s what stays consistent on every engagement, no matter the size.

Methodology that maps

Web-app testing follows the OWASP Testing Guide; readiness work maps to the SOC 2 Trust Services Criteria and the HIPAA Security Rule — so your auditor recognizes the framework.

Your data, handled carefully

Signed rules of engagement and an NDA before any access. Test data is destroyed when the job ends, and I work to a defined window you approve up front.

A real handoff

Every report comes with a live walk-through so your team can ask questions, plus a clean attestation letter once fixes are verified — ready for customers or your board.

Background

Where the experience comes from.

A tester's tools laid out on a desk

The work behind it

Years on the offensive side, now pointed at your stack.

Before going independent, I ran penetration tests and compliance assessments for SaaS platforms and health-tech companies inside established security firms. The kinds of problems were the same; the difference here is that I keep my client list small enough to do every part of it myself.

  • Hands-on web-app and external network penetration testing
  • SOC 2 and HIPAA readiness, from gap assessment to evidence
  • Cloud configuration and access reviews for AWS, GCP, and Azure
  • Threat modeling that keeps the report short and specific
See the full service breakdown
Light moving through a quiet, modern office corridor

Talk to me directly

Wondering if a test is even worth it yet?

Call and you reach me — not a sales desk. The first conversation is free and there’s no obligation. We’ll figure out whether you actually need a test right now, and roughly what it’d cost.

(407) 227-2078 Tue–Sat 10am–6pm · Sun 11am–4pm · Mon closed
Find me 2545 Georgia Ave
Sanford, FL 32771
Open in maps →
Prefer email? hello@lindqvistsecurity.com
Usually a reply within a day.

No spam, no list. I read these myself.