Development and Security

Jemurai is a security company with deep experience in both application development and security.

Fractional CISO

We help you build a security program.

JASP: Cloud Security Automation

Use our platform to continuously check the security of your systems.


We teach leaders and developers about security in fun, hands on and language relevant training with online reinforcement.

Penetration Testing

We break apps to make them stronger.

Latest Jemurai Blog Posts

JASP Check Deep Dive: S3

Posted By

It is very common to find Amazon S3 buckets misconfigured.  We found one in a pen test this week.  We find them frequently.  The most common things we see with S3 buckets is that people leave them open to the world and don’t encrypt them.  The one we found this week also let us delete […]

Nov 8,2018No Comments

JASP Meta: November 2018 Edition

Posted By

Building JASP has been a really interesting experience for all of us at Jemurai (  This post captures some of what I think we’re seeing and learning right now. We bootstrapped.  Lots of people think raising venture capital for an idea is the best way to build and grow.  We still bootstrapped.  That means we paid […]

Nov 6,2018No Comments

JASP Check Deep Dive: ECR

Posted By

As we build JASP, we’re brainstorming and learning about security (so far, primarily in AWS).  This is the first in a series of “Check Deep Dive” posts that talk about things we are checking for in JASP.  It seems like an interesting area to share information.  Incidentally, we’re also going to post more meta posts […]

Oct 31,2018No Comments