Code of Ethics

The principles that guide how we work, interact with clients, and uphold the trust placed in us as cybersecurity professionals.

1. Integrity

We act with honesty and transparency in all our dealings. We do not exaggerate our capabilities, fabricate findings, or misrepresent the severity of security issues. Our recommendations are based on objective analysis, not commercial interests.

2. Confidentiality

Client data, system information, and assessment findings are treated as strictly confidential. We implement robust access controls and do not disclose sensitive information to unauthorized parties.

3. Competence

We undertake work only within our areas of expertise. Our team maintains relevant certifications and engages in continuous professional development to ensure our knowledge remains current in a rapidly evolving threat landscape.

4. Objectivity

We provide independent, unbiased assessments. We disclose any potential conflicts of interest and avoid situations that could compromise our professional judgment.

5. Respect for the Law

All our activities comply with applicable laws and regulations. We obtain proper authorization before conducting security assessments and respect the legal rights of all parties.

6. Professionalism

We treat clients, colleagues, and the broader community with respect and courtesy. We do not engage in conduct that could bring disrepute to the cybersecurity profession or to UMBRELLA.

7. Accountability

We take responsibility for our actions and their consequences. When mistakes occur, we acknowledge them promptly and take corrective action. We welcome feedback as an opportunity to improve.

8. Reporting Violations

Concerns about potential violations of this code may be reported confidentially via our contact page. All reports will be investigated with discretion and appropriate follow-up.