Hack23 AB Premium Cybersecurity Consulting | Sweden's Only Public ISMS

Security excellence through radical transparency. Expert ISO 27001, GDPR/NIS2, Singapore PDPA/MAS, and AWS security consulting in Sweden.

30+ years expertise • CISSP/CISM certified • ISO 27001 proven • Gothenburg-based

Explore Services View Public ISMS
📖 Learn More About Hack23 AB

At Hack23 AB, transparency operationalizes trust: every security control, risk assessment, and compliance decision is publicly documented through Sweden's only fully public ISMS, creating unprecedented credibility in cybersecurity consulting.

Founded in 2025 and based in Gothenburg, Sweden, we deliver expert security services across four integrated business lines:

1. Cybersecurity Consulting ISO 27001, GDPR, NIS2, Singapore PDPA/MAS Cybersecurity, AWS security architecture, DevSecOps integration
2. CIA Compliance Manager Automated CIA Triad assessments with NIST/ISO 27001/GDPR/HIPAA/SOC2/Singapore PDPA compliance mapping
3. Citizen Intelligence Agency Swedish parliamentary transparency and democratic accountability platform
4. Black Trigram Educational Korean martial arts game demonstrating security best practices

Led by James Pether Sörling (Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), AWS Security Specialty) with 30+ years of experience, Hack23 proves that security accelerates—rather than blocks—innovation when built on radical transparency.

OpenSSF Scorecard Deploy GitHub Hack23

🏆 Security & Quality Evidence

View our comprehensive security validation and quality metrics (15+ badges)

🔒 Security

OpenSSF Scorecard Scorecards OpenSSF Best Practices

🚀 Build Status

Deploy Quality Checks Dependency Review

📋 Compliance

ISMS Public Security Policy ISO 27001 GDPR

🏢 Company

Website GitHub Hack23 LinkedIn Company Swedish Company Registration OpenHub Profile
🌟 Why Hack23? 🥋 Black Trigram Game 🔒 CIA Compliance Manager 🔍 Citizen Intelligence Agency 🍎 Security Blog Follow Company

🌟 Why Choose Hack23 AB?

Sweden's only cybersecurity consultancy with a fully public ISMS, demonstrating transparency and security excellence that accelerates innovation rather than hindering it.

Core Differentiators

🔓 Radical Transparency

Sweden's only fully public Information Security Management System (ISMS) with 93 ISO 27001 controls, redacted risk registers, and complete policy documentation openly available. See exactly how we implement security—no hidden practices, no security theater.

  • 70% public / 30% responsibly redacted documentation
  • Live security metrics via OpenSSF Scorecard
  • Transparent risk assessments and treatment tracking

🎯 Proven Expertise

30+ years of hands-on software development and security architecture experience, backed by industry-leading certifications and real-world enterprise implementations.

  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) certified security professional
  • AWS Security Specialty & Solutions Architect Pro
  • Led security programs at Stena AB, Polestar, WirelessCar, and other major enterprises

⚡ Security Accelerates Innovation

Security-enabled development that integrates seamlessly into DevSecOps workflows. We prove that proper security controls accelerate—not block—innovation and time-to-market.

  • SLSA Level 3 supply chain security implementations
  • Automated compliance validation & CI/CD integration
  • Zero-trust architectures with real-world performance

Practical Value

🛠️ Practical Solutions

No security theater—only implementable solutions tested in production. Our open-source projects demonstrate security best practices with measurable outcomes.

  • Open-source security tools used in production
  • Documented threat models & security architectures
  • Real-world AWS multi-region resilience patterns

📊 Measurable Outcomes

Data-driven security with quantifiable risk metrics, automated compliance tracking, and continuous improvement demonstrated through public documentation.

  • Quantitative risk assessment methodologies
  • Security KPIs aligned to business objectives
  • Automated compliance mapping (ISO/NIST/GDPR/NIS2)

🌍 Nordic Innovation Hub

Gothenburg-based cybersecurity expertise combining Swedish innovation culture with international enterprise experience across automotive, logistics, and technology sectors.

  • Remote or in-person consulting (Gothenburg)
  • English & Swedish service delivery
  • GDPR/NIS2 compliance for Nordic market

🛡️ Information Security Governance

Demonstrating security through transparency. Our public Information Security Management System (ISMS) shows how enterprise‑grade controls enable innovation, consulting delivery, and product development. Access the continuously improved documentation set and the governing Information Security Policy covering purpose, principles, roles, and our risk & compliance model.

📋 Public ISMS Repository

Living documentation: policies, redacted registers, resilience & secure development practices (~70% public / 30% responsibly redacted).

ISMS Public Repository

🔒 Information Security Policy

Core policy: purpose, scope, principles (Security by Design, Transparency, Continuous Improvement, Business Value), roles & document map.

Information Security Policy

🔑 Security Services

Professional cybersecurity consulting services delivered remotely or in-person in Gothenburg. Drawing from over three decades of experience in software development and security architecture, we deliver practical security solutions that integrate seamlessly into your development processes without hindering innovation.

🏗️ Security Architecture & Strategy

Enterprise security frameworks, risk assessment, and governance aligned with business objectives.

  • Enterprise Security Architecture
  • Risk Assessment & Management
  • Security Strategy Development

☁️ Cloud Security & DevSecOps

AWS security assessment, Infrastructure as Code security, CI/CD integration.

  • Secure Cloud Solutions (AWS Advanced)
  • DevSecOps Integration
  • Container & Serverless Security

🔧 Secure Development & Compliance

SDLC security integration, ISO 27001, GDPR/NIS2 compliance, OSPO management.

  • CI/CD Security Integration
  • Regulatory Compliance (GDPR, NIS2, ISO 27001)
  • Open Source Security
View All Services & Expertise Areas →

🚀 Open Source Projects

Demonstrating security best practices through production applications

Black Trigram

🥋 Black Trigram

Precision combat simulator with 70 vital points system, 5 archetypes, and authentic Korean martial arts techniques.

Learn More → 🎮 Play Now
CIA Compliance

🔐 CIA Compliance Manager

Security assessment platform with CIA Triad evaluation and compliance mapping to NIST, ISO 27001, GDPR, HIPAA, SOC2.

Learn More → 🚀 Try Demo
CIA Project

🔍 Citizen Intelligence Agency

Swedish political transparency OSINT platform with parliamentary monitoring and accountability metrics.

Learn More → ✨ Features
View All Projects & Demos →

💼 CEO James Pether Sörling

Leadership & Expertise

Company Leadership & Security Expert

James Pether Sörling, CEO of Hack23 AB

CEO/Founder of Hack23 AB, James brings over 30 years of information technology experience, specializing in security architecture, cloud security, and compliance. Professional certifications include CISSP, CISM, AWS Security Specialty, and AWS Solutions Architect Professional.

🎯 Key Qualifications:

CISSP CISM AWS Security Specialty AWS Solutions Architect Pro

🏢 Recent Leadership Roles:

  • Jun 2025-Present: CEO / Founder, Hack23 AB
  • Oct 2024-Jul 2025: Application Security Officer, Stena AB
  • Mar 2022-Sep 2024: Information Security Officer, Polestar
  • Jan 2018-Mar 2022: Senior Security Architect, WirelessCar
LinkedIn Profile Technical Talks Security Blog

Recent Professional Experience

Extensive leadership experience in enterprise security and cloud architecture across major organizations:

  • Jun 2025-Present: Chief Executive Officer, Hack23 AB - Swedish Innovation Hub Leadership, Game Development Strategy
  • Oct 2024-Jul 2025: Application Security Officer, Stena AB - Risk Assessment, Cloud Security, AI Governance
  • Mar 2022-Sep 2024: Information Security Officer, Polestar - ISMS Implementation, Security Compliance, OSPO Lead

Martial Arts Background

James has extensive experience in traditional Korean martial arts, bringing authentic knowledge to the Black Trigram project:

  • 1999: Black Belt Song Moo Kwan Korea - Traditional Taekwondo certification
  • 2024: 3rd Dan Kukkiwon - World Taekwondo Headquarters certification
  • 2015-2017: Taekwondo Instructor, Tor Taekwondo klub - Teaching children's classes
  • 2002-2003: Taekwondo Instructor, Haga Taekwondo club - Community instruction
  • 1994-1996: Taekwondo Instructor, Hworangi Taekwondo - Early teaching experience

Martial Arts Philosophy: This deep understanding of Korean martial arts traditions directly influences the authentic techniques, cultural respect, and educational value integrated into Black Trigram's combat system.

Career History

Enterprise Architecture Experience

Security architecture and consulting roles at leading technology companies:

  • Jan 2018-Mar 2022: Senior Security Architect, WirelessCar - Security Architecture, AWS Security, Secure Development
  • Jan 2018-Nov 2018: Consultant, Omegapoint - Security Architect role at WirelessCar
  • Mar 2017-Jan 2018: Consultant, Consid AB - Open Source Development, CI/CD, AWS
  • 2010-Mar 2017: Cloud Architect, Keypasco - Cloud Security Solutions, Multi-Tier Architecture

Key Achievements: Founded Hack23 AB in 2025, led Open Source Program Office at Polestar, implemented enterprise security architectures, spoke at Javaforum Göteborg, featured in Computer Sweden.

Software Development Background

Foundation experiences in software engineering and system development:

  • 2008-2009: Consultant, Redpill Linpro - Technical support and client assignments across Sweden, Norway, Denmark
  • 2007-2008: Consultant, Singlegrid (London) - Continuous integration and build management solutions
  • 2006-2007: System Developer, Sky (London) - J2EE projects using XP/Agile development
  • 2003-2005: J2EE Developer, Glu Mobile (London) - Mobile service products development
  • 2000-2002: Software Engineer, Volantis Systems (London) - Multi-channel server product design and implementation

Early Career & Military Service

Foundation experiences that shaped leadership and technical expertise:

  • 1999-2003: Unix Helpdesk/Teaching Assistant, Chalmers University of Technology - System administration and tutorial teaching
  • Jun-Aug 1999: Visual C++ Programmer, IETV AB - Production control system development
  • 1996-1997: NBC-Defence Group Leader, Swedish Armed Forces - Leadership and security responsibilities
  • 1993-1996: Founder, Equal Rites BBS - Early networking and system administration (Fidonet node 2:203/454)

🎤 Technical Talks & Presentations

🎙️ Javaforum Göteborg

Presentation on secure architecture patterns and best practices for enterprise Java applications.

▶️ Watch Presentation

🎙️ Shift Left Like A Boss

Security podcast guest appearance discussing DevSecOps practices and supply chain security.

🎧 Listen to Podcast

Press Coverage

Computer Sweden

This article highlights the innovative use of technology in revealing the activities of politicians. It features James Pether Sörling's work in leveraging data-driven insights to promote transparency in political processes.

Read Article

Riksdag och Departement

A Swedish publication that discusses the role of Citizen Intelligence Agency in monitoring politicians. It underscores James Pether Sörling's commitment to fostering accountability in politics through the strategic use of technology.

Read Article

National Democratic Institute

A comprehensive survey report that underscores the importance of parliamentary monitoring organizations in Sweden. It acknowledges James Pether Sörling's significant contributions to these organizations, reinforcing his commitment to strengthening democratic processes.

View Report

Past Projects

Sonar-CloudFormation-Plugin

SonarQube plugin for analyzing AWS CloudFormation templates with security best practices based on NIST, CWE, and ISO standards.

CII Best Practices OpenSSF Scorecard

View All Badges

Quality & Security
License Maven Central
GitHub Maven Central

CIA Dashboard

Political activity dashboard for Sweden, offering comprehensive visualizations of parliamentary activity and political performance metrics.

View Documentation

Frequently Asked Questions

Common questions about Hack23's cybersecurity services, public ISMS, and approach to security consulting.

What makes Hack23 AB different from other cybersecurity consultancies?

Hack23 AB operates Sweden's only fully public Information Security Management System (ISMS), demonstrating radical transparency with 93 ISO 27001 controls publicly documented. Unlike traditional consultancies, we prove our security practices through open-source projects and measurable outcomes.

Key differentiators:

  • Public ISMS: 70% of our security controls are openly accessible for review
  • Open Source: All our security tools and frameworks are available on GitHub
  • Proven Track Record: OpenSSF Scorecard ratings and CII Best Practices badges
  • Security-Enabled Innovation: We show that proper security accelerates rather than hinders innovation

What cybersecurity services does Hack23 AB offer?

We provide comprehensive cybersecurity consulting services including:

  • Security Architecture & Strategy: Design and implementation of robust security frameworks
  • Cloud Security & DevSecOps: AWS specialty with SLSA Level 3 supply chain security
  • Secure Development & Code Quality: Integration of security into CI/CD pipelines
  • Compliance & Regulatory: ISO 27001, GDPR, NIS2, Singapore PDPA/MAS Cybersecurity, CRA implementation and auditing
  • Open Source Security: OSPO management and supply chain risk assessment
  • Security Culture & Training: Building security awareness and best practices

All services are delivered remotely or in-person in Gothenburg, Sweden, available in English and Swedish.

What certifications does Hack23 AB hold?

Our CEO James Pether Sörling holds industry-leading certifications:

  • CISSP: Certified Information Systems Security Professional by (ISC)²
  • CISM: Certified Information Security Manager by ISACA
  • AWS Certified Security - Specialty: Advanced cloud security expertise
  • AWS Certified Solutions Architect - Professional: Enterprise architecture design

These certifications are backed by 30+ years of hands-on software development and security architecture experience, demonstrating deep technical expertise combined with strategic security leadership.

How does Hack23's public ISMS benefit clients?

Our public ISMS provides unprecedented transparency that directly benefits clients:

  • Pre-Engagement Verification: Review our actual security controls, risk assessments, policies, and compliance documentation before engagement
  • Real-World Implementation: See proven implementation of ISO 27001, GDPR, NIS2, and other frameworks
  • Evidence-Based Expertise: Our expertise is demonstrated through documented evidence rather than marketing claims
  • Best Practices Reference: Use our public ISMS as a template for your own security program
  • Balanced Transparency: ~70% public documentation with 30% responsibly redacted for operational security

Visit our Public ISMS Repository to explore our security controls and documentation.

Where is Hack23 AB located and do you work remotely?

Hack23 AB is based in Gothenburg, Sweden (Org.nr 5595347807). We offer flexible engagement options:

  • Remote Consulting: Services delivered across Europe and globally via secure remote channels
  • In-Person Engagements: Available in the Gothenburg area and across Sweden
  • Language Support: Professional services in English and Swedish
  • Time Zone: Central European Time (CET/CEST)

Our remote-first approach is backed by secure communication protocols and collaboration tools, ensuring effective delivery regardless of location.

What is the CIA Compliance Manager?

CIA Compliance Manager is our flagship open-source security assessment platform that evaluates Confidentiality, Integrity, and Availability (CIA Triad) with enterprise features:

  • Automated Assessment: Comprehensive evaluation of security controls across all three CIA domains
  • Business Impact Analysis: Quantify security risks and their business impact
  • Compliance Mapping: Automatic mapping to NIST, ISO 27001, GDPR, HIPAA, SOC2, and CRA frameworks
  • Threat Modeling: Integrated STRIDE analysis and risk visualization
  • Evidence Collection: Automated documentation for audits and compliance reporting

Learn more about CIA Compliance Manager features and how it demonstrates our practical approach to security automation.

How does Hack23 approach DevSecOps and secure development?

We integrate security seamlessly into development workflows without sacrificing velocity:

  • CI/CD Integration: Automated security testing in every build pipeline
  • SLSA Level 3: Supply chain security with provenance attestation and build integrity
  • Shift-Left Security: Security testing early in the development lifecycle
  • Continuous Compliance: Automated validation against security standards
  • Security as Code: Infrastructure and security controls defined in version control
  • Open Source Best Practices: OpenSSF Scorecard ratings and CII Best Practices badges

Our open-source projects demonstrate real-world DevSecOps implementation that maintains development velocity while ensuring security. Visit our GitHub organization to see our security automation in action.

🔍 Free Security Assessment Checklist

Download our comprehensive 95-point security assessment guide. Evaluate your organization's security posture across 7 critical domains: Architecture, Access Control, Data Protection, Network Security, Vulnerability Management, Incident Response, and Compliance.

Based on ISO 27001, NIST CSF, and CIS Controls • Used by Enterprise Security Teams

Get Your Free Checklist