Security Research Labs

Headquarter

  • Berlin

CEO

Wolf Richter

Security Research Labs (SRLabs) is an independent cybersecurity research and consulting specialist focused on critical infrastructure and emerging technologies. The company helps organisations identify vulnerabilities, strengthen resilience and address complex security challenges through deep technical expertise and cutting-edge research. By doing so, SRLabs enables organisations to innovate with confidence.

 

SRLabs
in numbers

65 Employees
+500 Customers

About

Aim & Mission

SRLabs exists to make the world more secure – one organisation at a time. Rooted in deep hacking research and adversarial thinking, the company translates cutting-edge security insights into real-world resilience. Its mission is to help organisations understand their true risk exposure and act on it decisively through offensive security, red teaming and expert advisory. The result is stronger defences, reduced attack surface and security postures that hold up against the threats that matter most.

Services

SRLabs delivers cybersecurity services built on adversarial expertise: red teaming, penetration testing, telco security and device testing to uncover critical vulnerabilities. The company audits blockchain implementations, conducts security maturity reviews and streamlines vulnerability prioritization. For organisations scaling fast, SRLabs incubates entire security teams, ensuring security is embedded from day one.

Products & Platforms

SRLabs' methodology is rooted in adversarial thinking, approaching every engagement from the attacker's perspective. Rather than relying solely on checklists or compliance frameworks, the company combines deep hacking research with hands-on technical analysis to uncover what truly matters. This research-led approach ensures findings are actionable, prioritised by real-world risk and translated into measurable improvements.

Aim & Mission

SRLabs exists to make the world more secure – one organisation at a time. Rooted in deep hacking research and adversarial thinking, the company translates cutting-edge security insights into real-world resilience. Its mission is to help organisations understand their true risk exposure and act on it decisively through offensive security, red teaming and expert advisory. The result is stronger defences, reduced attack surface and security postures that hold up against the threats that matter most.

Services

SRLabs delivers cybersecurity services built on adversarial expertise: red teaming, penetration testing, telco security and device testing to uncover critical vulnerabilities. The company audits blockchain implementations, conducts security maturity reviews and streamlines vulnerability prioritization. For organisations scaling fast, SRLabs incubates entire security teams, ensuring security is embedded from day one.

Products & Platforms

SRLabs' methodology is rooted in adversarial thinking, approaching every engagement from the attacker's perspective. Rather than relying solely on checklists or compliance frameworks, the company combines deep hacking research with hands-on technical analysis to uncover what truly matters. This research-led approach ensures findings are actionable, prioritised by real-world risk and translated into measurable improvements.

Aim & Mission

Services

Products & Platforms

Aim & Mission

Services

Products & Platforms

Case studies

BogusBazaar: exposing one of the world’s largest fake webshop networks

SRLabs uncovered a global network of more than 75,000 fraudulent online stores designed to systematically deceive consumers at scale. The investigation revealed the scope, structure, and operating methods of one of the largest known fake webshop ecosystems, providing unique insights and highlighting the effectiveness of intelligence-led cybersecurity research.

Hacking AI agents beyond prompt injection

As enterprise AI assistants are deployed at unprecedented speed, SRLabs demonstrated how security weaknesses in the infrastructure surrounding these systems can lead to full application compromise, including access to sensitive AI interactions and identity systems. The research highlights an often-overlooked attack surface created by rapid AI adoption and shows why securing AI agents requires protecting the entire ecosystem, not just the AI model itself.

Black Basta Buster: Recovering encrypted files without paying ransom

SRLabs identified a critical weakness in the Black Basta ransomware and developed a practical recovery method that enables affected organizations to decrypt files without paying the ransom. The researchers shared their findings with victims, CERTs, DFIR providers, and law enforcement. The work helped victims restore access to critical data and reduce the real-world impact of the campaign.

BogusBazaar: exposing one of the world’s largest fake webshop networks

Hacking AI agents beyond prompt injection

Black Basta Buster: Recovering encrypted files without paying ransom

Contact SRLabs

Get in touch to learn how Allurity and the team at SRLabs help organisations identify vulnerabilities and strengthen resilience through advanced security research and technical consulting.

Fill in your details
Or talk to Wolf Richter
Portrait image of Wolf Richter