Since 1999

Secure Your Custom Web Apps in Hours, Not Months

We're the fastest custom web app security experts in the business. We can patch dozens of client applications within a few hours of a known security risk, while other companies usually take months.

We'll show you how to optimize your custom code pipeline to rapidly patch supply chain vulnerabilities and deploy reliable functional updates to your system like clockwork.

No. 1

Existing Code Security Review

Beyond automated scans, Rietta conducts a security-oriented code review to assess your security posture, recommend fundamental improvements, and prioritize fixes for these issues within your existing development practices.

No. 2

Containerized CI/CD

To patch production 290% faster than your competitors, fundamental build and deploy process improvements must be put in place. Containerize your entire build process so that the same process runs on your developer systems, in your continuous testing, and in your continuous deployment.

No. 3

Continuous Blue Team

We partner with your developers to be a blue team, working to systematically improve the security and maintainability of your custom software.

Core Capabilities

Rietta has invested itself in providing a deep set of solutions for each stage of the operational life cycle of a critical business system.

We provide tailored appsec solutions for clients who:

  • Operate SaaS businesses with data-breachable PII:

    We help SaaS businesses protect their customers' data from breaches by providing security assessments, code review services, and long-term maintenance for programming language-level dependencies.

  • Are healthcare organizations that are regulated HIPAA Covered Entities:

    We help healthcare organizations comply with HIPAA regulations by providing security assessments, long-term maintenance for programming language-level dependencies, and security awareness and training services.

  • Are government agencies with custom web applications exposed to the public:

    We help government clients containerize their existing custom infrastructure, introduce build pipelines based on best practices, provide for long-term maintainability of critical systems, and provide security awareness and training services.

  • Have existing software teams who are not themselves security experts:

    We have the heart of teachers when it comes to helping software engineers learn to build security into their work, not bolt it on at the end (ineffectively)!

AppSec Solutions by Industry

Expertly securing custom web applications with:

  • Container orchestration (Docker)
  • Cloud computing (AWS)
  • Web development frameworks (Ruby on Rails, Python/Django)
  • JavaScript clients

Specializing in supply chain vulnerability management to:

  • Keep third-party dependencies up to date
  • Avoid security disasters

Recipe for a Strong Application Security Program (PDF)

We have prepared a recipe card covering the 10 steps for a Strong Application Security Program for your organization, written by Frank S. Rietta, MSIS. It's yours free, with no strings attached!

This is a great resource to hand out to your team.

Blog


A Journey From QBasic Random Access Files to PostgreSQL

Dive into the evolution of data storage from the perspective of a seasoned developer. From the raw byte collections of QBasic’s random access files to the sophisticated transactions of PostgreSQL, this post explores the journey through various database technologies. Witness the transformation of data handling as we move from single-user systems to the multi-user, internet-driven databases that power today’s applications. …



The UniSuper/Google Lesson: Cloud is Not a Backup!

Learn from Google deleting all the data and backups of a $135 BILLION pension fund! Explore the lessons learned about backup and recovery and some practical tips for a 3-2-1 backup plan. …
