dxw cyber is a security consultancy specialising in attack simulation.

We help our clients to be more secure by using real-world attack techniques to breach their systems, explaining how we did it and following up with long-term support and advice. We help teams move towards the culture and practices that improve security, and away from compliance-driven approaches to security.

Attack simulation

We can breach your systems using real-world techniques, to give you tangible, actionable information about your security.

System hardening

We can help you to secure your code, configurations and infrastructure, making it more resilient to attack.

Security culture

We can help you to shape the processes and cultures you'll need to manage security effectively in the long term

We are attack specialists

We believe that the only way to be more secure is to be regularly attacked, and that being able to detect and respond to malicious activity is the foundation of good security.

We put people first

We believe that organisations can only be secure if their security approach respects and supports the needs of the people whose work it affects.

Our principles

We believe that good information security is counter-intuitive. Our principles are different, and they guide everything we do.

Technical teams

We help teams to understand how attacks happen, how they can recognise them and what they can do to make breaches less likely and less damaging.


We help decision makers to understand the security risks in their services, and proportionate controls for them, so they can operate more securely.


We help leaders understand the values and principles that underpin good security, so they can help positive security cultures to flourish in their organisations.

“[The dxw cyber attack simulation] was performed to an incredibly high standard and we were very pleased with the way in which it was run, along with the output presented to us; a detailed rundown of vulnerabilities with a clear understanding of how to prioritise them, presented in a clear and actionable manner.”
Greg Annandale
Web Platform Lead at Raspberry Pi Foundation
“Harry and the team were incredibly fast in identifying a vulnerability that a generation of previous security experts, consultants and companies had completely failed to spot. They provided a mature, confidence-inspiring summary of the situation, including options to fix, and worked sensitively alongside our team in making sure that change was carried out well.”
Jason Caplin
Director, Digital and Technology at Barnardo's
“I think the work you guys did is outstanding, and makes a very interesting read. Your thoroughness is really impressive and your explanations of the vulnerabilities and their mitigations are very clear."”
David Cleave
Technical Architect, System C

dxw cyber was founded by Harry Metcalfe and Glyn Wintle. We're a growing team, committed to helping our clients to get better at security by giving them practical, focussed, pragmatic advice. Do you want to join us?