Services Demo Blog Team FAQ Book a call → Wersja polska
Team

One understands
why you lose contracts.
The other fixes it.

You talk directly to the people working on your project — not an account manager passing tasks along.

Why this duo

We don’t write a report
and walk away.
We implement and leave
working code.

01
Context before code Before we touch your repository, we assess your pipeline security posture — and scope the hardening around specific risks and regulatory requirements.
02
Implementation, not recommendation You don’t receive a to-do list. Every change lands as code in Git — versioned, auditable, ready to show an auditor.
03
We know what’s happening in your repo We enter the repository ourselves — not through an intermediary. That means there’s no translation layer between the problem and the fix.
Michał Jaśniewski — Co-Founder CyberForge, Business Development
Co-Founder · Business Development
Michał Jaśniewski
Your point of contact from the first call through project delivery. Specializes in translating regulatory requirements and auditor expectations (DORA, NIS2, SOC 2) into a concrete technical scope — so Szymon knows exactly what to implement, and you know exactly what you’ll receive. Understands the sales-blocking mechanism from the vendor assessment and compliance side.
Business Development Sales DORA NIS2 Compliance
LinkedIn michal@cyberforge.agency
Szymon Mytych — Co-Founder CyberForge, Lead Engineer DevSecOps
Co-Founder · Lead Engineer
Szymon Mytych
Responsible for all technical implementations — enters the repository, configures, and delivers. CI/CD pipelines are his core domain: hardening GitHub Actions and GitLab CI, deploying OIDC to eliminate static secrets, generating SBOMs, signing artifacts via Cosign, policy-as-code. Every change as code in Git — versioned, auditable, ready to present to an auditor without additional documentation.
GitHub Actions GitLab CI OIDC SBOM Cosign Kubernetes Trivy
LinkedIn szymon@cyberforge.agency

Role division in every project

Who does what — no ambiguity.

Area
Michał
Szymon
Discovery Call — problem diagnosis
● lead
Pricing and project scope
● lead
○ input
CI/CD Security Snapshot (scan)
● lead
Hardening — GitHub Actions / GitLab CI
● lead
OIDC, SBOM, Cosign, policy-as-code
● lead
Evidence Pack — DORA / NIS2 mapping
○ review
● lead
Auditor / compliance communication
● lead
○ support
Deliverables handoff
● lead
○ support
👤

We’re pre-launch — and we’re upfront about it

CyberForge is in pre-launch phase. We offer pilot engagements at a reduced rate in exchange for a reference and a published case study. If you have a VRA, DORA audit, or SOC 2 on the horizon — this is a good time to talk.

Let’s talk →