Hack23 AB Security Excellence Through Transparency

At Hack23 AB, transparency operationalizes trust: every security control, risk assessment, and compliance decision is publicly documented through Sweden's only fully public ISMS, creating unprecedented credibility in cybersecurity consulting. Founded in 2025 and based in Gothenburg, we deliver expert security services across four integrated business lines: (1) Cybersecurity Consulting (ISO 27001, GDPR, NIS2, AWS security architecture, DevSecOps integration), (2) CIA Compliance Manager (automated CIA Triad assessments with NIST/ISO 27001/GDPR/HIPAA/SOC2 compliance mapping), (3) Citizen Intelligence Agency (Swedish parliamentary transparency and democratic accountability platform), and (4) Black Trigram (educational Korean martial arts game demonstrating security best practices with OpenSSF Scorecard, SLSA Level 3, and CII Best Practices). Led by James Pether Sörling (CISSP, CISM, AWS Security Specialty) with 30+ years of software development and security architecture experience, Hack23 proves that security accelerates—rather than blocks—innovation when built on radical transparency.

Website GitHub Hack23 LinkedIn Company Swedish Company Registration OpenHub Profile
🥋 Black Trigram Game 🔒 CIA Compliance Manager 🔍 Citizen Intelligence Agency Follow Company

🛡️ Information Security Governance

Demonstrating security through transparency. Our public Information Security Management System (ISMS) shows how enterprise‑grade controls enable innovation, consulting delivery, and product development. Access the continuously improved documentation set and the governing Information Security Policy covering purpose, principles, roles, and our risk & compliance model.

📋 Public ISMS Repository

Living documentation: policies, redacted registers, resilience & secure development practices (~70% public / 30% responsibly redacted).

ISMS Public Repository

🔒 Information Security Policy

Core policy: purpose, scope, principles (Security by Design, Transparency, Continuous Improvement, Business Value), roles & document map.

Information Security Policy

🔑 Security Services

Professional cybersecurity consulting services delivered remotely or in-person in Gothenburg. Drawing from over three decades of experience in software development and security architecture, we deliver practical security solutions that integrate seamlessly into your development processes without hindering innovation.

📋 Service Overview

  • 🌐 Availability: Remote or in-person (Gothenburg)
  • 💰 Pricing: Contact for pricing
  • 🏢 Company: Hack23 AB (Org.nr 5595347807)
  • 📧 Contact: LinkedIn

🎯 Core Service Areas

🏗️ Security Architecture & Strategy

  • Enterprise Security Architecture: Design and implementation of comprehensive security frameworks
  • Risk Assessment & Management: Systematic identification and mitigation of security risks
  • Security Strategy Development: Alignment of security initiatives with business objectives
  • Governance Framework Design: Policy development and security awareness programs

Ideal for: Organizations needing strategic security leadership and architectural guidance

📚 Policy Evidence:

🔧 Implementation Evidence:

📊 Framework Evidence:

☁️ Cloud Security & DevSecOps

  • Secure Cloud Solutions: AWS security assessment and architecture (Advanced level)
  • DevSecOps Integration: Security seamlessly integrated into agile development processes
  • Infrastructure as Code Security: Secure CloudFormation, Terraform implementations
  • Container & Serverless Security: Modern application security best practices

Ideal for: Development teams transitioning to cloud-native architectures with security focus

Value: Build resilient cloud infrastructure with zero-trust networking and automated disaster recovery

📚 Policy Evidence:

🔧 Implementation Evidence:

🔧 Secure Development & Code Quality

  • Secure SDLC Implementation: Building security into development lifecycles
  • CI/CD Security Integration: Automated security testing and validation
  • Code Quality & Security Analysis: Static analysis, vulnerability scanning
  • Supply Chain Security: SLSA Level 3 compliance, SBOM implementation

Ideal for: Development teams seeking to embed security without slowing innovation

📚 Policy Evidence:

🔧 Implementation Evidence:

🏆 Specialized Expertise

📋 Compliance & Regulatory

  • Regulatory Compliance: GDPR, NIS2, ISO 27001 implementation
  • ISMS Design & Implementation: Information Security Management Systems
  • AI Governance: EU AI Act risk management frameworks
  • Audit Preparation: Documentation and evidence preparation

Value: Navigate complex regulatory landscapes with confidence

📚 Policy Evidence:

🔧 Implementation Evidence:

🌐 Open Source Security

  • Open Source Program Office: OSPO establishment and management
  • Vulnerability Management: Open source risk assessment and remediation
  • Security Tool Development: Custom security solutions and automation
  • Community Engagement: Open source security best practices

Value: Leverage open source securely while contributing to security transparency

📚 Policy Evidence:

🔧 Implementation Evidence:

🎓 Security Culture & Training

  • Security Awareness Programs: Building organization-wide security culture
  • Developer Security Training: Secure coding practices and methodologies
  • Leadership Security Briefings: Executive-level security understanding
  • Incident Response Training: Preparedness and response capability building

Value: Transform security from barrier to enabler through education and culture

📚 Policy Evidence:

📚 Content Evidence:

💡 Why Choose Hack23 Security Services?

Three decades of hands-on experience in software development and security architecture means we understand the real challenges development teams face. We don't just point out problems—we provide practical, implementable solutions that enhance security without slowing down innovation.

Our approach: Security should be seamlessly integrated into your existing processes, not bolted on afterward. We help organizations build a culture of security awareness where protection becomes a natural part of how teams work, not an obstacle to overcome.

Passionate about transparency: As advocates for open source security, we believe in sharing knowledge and building community. Our solutions are designed to be understandable, maintainable, and aligned with industry best practices.

🔍 Proven Implementation:

Public ISMS Repository Live security metrics Architecture Documentation Compliance Validation

🔥 Black Trigram (흑괘) - Flagship Project

Black Trigram Logo

🥋 어둠의 무예로 완벽한 일격을 추구하라

"Master the dark arts through the pursuit of the perfect strike"

Realistic 2D precision combat simulator inspired by traditional Korean martial arts, focusing on precise anatomical targeting (70 vital points), authentic combat techniques across 5 distinct fighter archetypes, and detailed physics-based interactions.

🎯 Key Features:

  • 70 Anatomical Vital Points - Strategic targeting system
  • 5 Unique Archetypes - Musa, Amsalja, Hacker, Intelligence Operative, Organized Crime
  • Authentic Korean Martial Arts - Taekkyeon, Hapkido techniques
  • Realistic Combat Physics - Advanced trauma simulation
  • Educational Gameplay - Traditional philosophy integration
  • Cultural Authenticity - Deep Korean martial arts philosophy
GitHub Release License Website Status OpenSSF Scorecard CII Best Practices SLSA 3 Scorecard supply-chain security Test & Report Lines of Code Quality Gate Status Security Rating Maintainability Rating Reliability Rating FOSSA Status
🌐 Play Now 📂 Repository ✨ Features 📚 Documentation 📺 YouTube 🎵 TikTok

Current Projects

CIA Compliance Manager Logo

🔐 CIA Compliance Manager

Security assessment platform for the CIA triad

Comprehensive security assessment platform for Confidentiality, Integrity, and Availability with business impact analysis and compliance mapping to regulatory frameworks like NIST, ISO, GDPR, HIPAA, and SOC2.

GitHub Release License FOSSA Status OpenSSF Scorecard CII Best Practices SLSA 3 Verify & Release Scorecard Supply-Chain Security
🚀 Live Demo ✨ Features 📚 Documentation 📂 Repository
CIA Logo

🔍 Citizen Intelligence Agency

Political transparency platform

Open-source intelligence platform for political transparency in Sweden, monitoring political activity with data-driven insights, analytics, dashboard visualizations, and accountability metrics.

GitHub Release CII Best Practices OpenSSF Scorecard SLSA 3 Verify & Deploy Scorecard supply-chain security Quality Gate Status Security Rating License
✨ Features 📚 Documentation 📂 Repository
AWS
Lambda

☁️ Lambda in Private VPC

Enterprise-grade multi-region architecture

Multi-region active/active site with near-zero recovery time, comprehensive DNS failover, and AWS Resilience Hub policy compliance for mission-critical applications.

OpenSSF Scorecard CI/CD
📂 Repository 🏗️ Architecture

💼 CEO James Pether Sörling

Company Leadership & Security Expert

James Pether Sörling, CEO of Hack23 AB

CEO/Founder of Hack23 AB, James brings over 30 years of information technology experience, specializing in security architecture, cloud security, and compliance. Professional certifications include CISSP, CISM, AWS Security Specialty, and AWS Solutions Architect Professional.

🎯 Key Qualifications:

CISSP CISM AWS Security Specialty AWS Solutions Architect Pro

🏢 Recent Leadership Roles:

  • 2024-Present: Application Security Officer, Stena Group IT
  • 2022-2024: Information Security Officer, Polestar
  • 2018-2022: Senior Security Architect, WirelessCar
LinkedIn Profile Technical Talks Security Blog

Professional Experience

Extensive leadership experience in enterprise security and cloud architecture across major organizations:

  • Jun 2025-Present: Chief Executive Officer, Hack23 AB - Swedish Innovation Hub Leadership, Game Development Strategy
  • Oct 2024-Present: Application Security Officer, Stena Group IT - Risk Assessment, Cloud Security, AI Governance
  • Mar 2022-Sep 2024: Information Security Officer, Polestar - ISMS Implementation, Security Compliance, OSPO Lead
  • Jan 2018-Mar 2022: Senior Security Architect, WirelessCar - Security Architecture, AWS Security, Secure Development
  • Jan 2018-Nov 2018: Consultant, Omegapoint - Security Architect role at WirelessCar
  • Mar 2017-Jan 2018: Consultant, Consid AB - Open Source Development, CI/CD, AWS
  • 2010-Mar 2017: Cloud Architect, Keypasco - Cloud Security Solutions, Multi-Tier Architecture

Key Achievements: Founded Hack23 AB in 2025, led Open Source Program Office at Polestar, implemented enterprise security architectures, spoke at Javaforum Göteborg, featured in Computer Sweden.

Martial Arts Background

James has extensive experience in traditional Korean martial arts, bringing authentic knowledge to the Black Trigram project:

  • 1999: Black Belt Song Moo Kwan Korea - Traditional Taekwondo certification
  • 2024: 3rd Dan Kukkiwon - World Taekwondo Headquarters certification
  • 2015-2017: Taekwondo Instructor, Tor Taekwondo klub - Teaching children's classes
  • 2002-2003: Taekwondo Instructor, Haga Taekwondo club - Community instruction
  • 1994-1996: Taekwondo Instructor, Hworangi Taekwondo - Early teaching experience

Martial Arts Philosophy: This deep understanding of Korean martial arts traditions directly influences the authentic techniques, cultural respect, and educational value integrated into Black Trigram's combat system.

Early Career & Military Service

Foundation experiences that shaped leadership and technical expertise:

  • 2008-2009: Consultant, Redpill Linpro - Technical support and client assignments across Sweden, Norway, Denmark
  • 2007-2008: Consultant, Singlegrid (London) - Continuous integration and build management solutions
  • 2006-2007: System Developer, Sky (London) - J2EE projects using XP/Agile development
  • 2003-2005: J2EE Developer, Glu Mobile (London) - Mobile service products development
  • 2000-2002: Software Engineer, Volantis Systems (London) - Multi-channel server product design and implementation
  • 1999-2003: Unix Helpdesk/Teaching Assistant, Chalmers University of Technology - System administration and tutorial teaching
  • Jun-Aug 1999: Visual C++ Programmer, IETV AB - Production control system development
  • 1996-1997: NBC-Defence Group Leader, Swedish Armed Forces - Leadership and security responsibilities
  • 1993-1996: Founder, Equal Rites BBS - Early networking and system administration (Fidonet node 2:203/454)

🎤 Technical Talks & Presentations

🎙️ Javaforum Göteborg

Presentation on secure architecture patterns and best practices for enterprise Java applications.

▶️ Watch Presentation

🎙️ Shift Left Like A Boss

Security podcast guest appearance discussing DevSecOps practices and supply chain security.

🎧 Listen to Podcast

Press Coverage

Computer Sweden

This article highlights the innovative use of technology in revealing the activities of politicians. It features James Pether Sörling's work in leveraging data-driven insights to promote transparency in political processes.

Read Article

Riksdag och Departement

A Swedish publication that discusses the role of Citizen Intelligence Agency in monitoring politicians. It underscores James Pether Sörling's commitment to fostering accountability in politics through the strategic use of technology.

Read Article

National Democratic Institute

A comprehensive survey report that underscores the importance of parliamentary monitoring organizations in Sweden. It acknowledges James Pether Sörling's significant contributions to these organizations, reinforcing his commitment to strengthening democratic processes.

View Report

Past Projects

Sonar-CloudFormation-Plugin

SonarQube plugin for analyzing AWS CloudFormation templates with security best practices based on NIST, CWE, and ISO standards.

License CII Best Practices OpenSSF Scorecard Maven Central
GitHub Maven Central

CIA Dashboard

Political activity dashboard for Sweden, offering comprehensive visualizations of parliamentary activity and political performance metrics.

View Documentation