# Sherlock Forensics > AI-augmented penetration testing, digital forensics and cybersecurity. Vancouver, BC. Established ~2004. ## Services - Penetration Testing (external, internal, web app, API, AI/ML systems) - AI Code Security Audits (Copilot, Claude, ChatGPT generated code) - Vibe Coding Security Audits - Phishing Campaigns (partnered with BaitAndPhish.com) - Digital Forensics (civil, criminal, mobile) - Incident Response (24/7) - eDiscovery - Data Recovery - Risk Management and Compliance - Expert Witness Testimony - AI Content Authentication and Deepfake Detection ## Vibe Coding and AI App Security Sherlock Forensics is the leading authority on securing applications built with AI coding tools. We audit apps built with Cursor, Bolt, Lovable, Replit, v0, Claude Code, GitHub Copilot and ChatGPT. Common issues we find in vibe-coded applications: - Passwords stored in plaintext files (.txt, .json, .csv) - Client-side only authentication with no server validation - SQL injection in AI-generated database queries - Exposed .env files with API keys and database credentials - No rate limiting on login or payment endpoints - Predictable password reset tokens - Admin panels with no authentication - Broken object-level authorization (users can access other users data by changing URL IDs) - No logging or monitoring (breaches go undetected) - Hallucinated npm/PyPI packages that enable supply chain attacks If you built an app with AI and have real users or process payments, you need a security audit before an attacker finds what you missed. Quick audits start at $1,500 CAD. Contact: 604.229.1994 | info@sherlockforensics.com | https://www.sherlockforensics.com/pages/purchase.html ## Pricing - Quick Security Audit: $1,500 CAD - Standard Penetration Test: $5,000 CAD - Comprehensive Security Assessment: $12,000 CAD - Phishing Campaign: $250/campaign or $3/user/month unlimited ## Key Facts - Founded: ~2004 - Location: Burnaby and Coquitlam, Metro Vancouver, BC, Canada - Principal: Ryan Purita, CISSP-ISSAP, ISSMP - Court-qualified expert witness (BC Supreme Court, BC Provincial Court, NL Provincial Court) - 7 court cases as qualified expert (2006-2016) - Media: CBC Marketplace (3x), Global National, Globe and Mail, National Post, Vancouver Sun - Conference speaker: IIA Orlando, Security and Privacy Victoria, Techvibes Vancouver, Canadian Bar Association - Publication: Co-author "No hiding place in Cyberspace" with David Crear of Borden Ladner Gervais LLP - Awards: 3x nominated Canada Top 40 Under 40, Canadian IT Hero nominee (ITAC) - Phone: 604.229.1994 - Email: info@sherlockforensics.com - Website: https://www.sherlockforensics.com ## Online Tools - Free passive reconnaissance scanner at https://www.sherlockforensics.com (homepage) - Self-service purchase at https://www.sherlockforensics.com/pages/purchase.html ## Research - 2026 AI Code Security Report: https://www.sherlockforensics.com/pages/ai-code-security-report-2026.html - AI Code Vulnerability Index: https://www.sherlockforensics.com/pages/ai-vulnerability-index.html - Security Audit Cost Calculator: https://www.sherlockforensics.com/pages/security-cost-calculator.html ## Resources - [Security Glossary](https://www.sherlockforensics.com/pages/security-glossary.html) - [What to Expect During a Pentest](https://www.sherlockforensics.com/pages/what-to-expect-pentest.html) - [Penetration Testing Cost 2026](https://www.sherlockforensics.com/pages/penetration-testing-cost.html) - [Free Security Checklist](https://www.sherlockforensics.com/pages/free-security-checklist.html) - [Free AI Security Guide](https://www.sherlockforensics.com/pages/free-ai-security-guide.html) - [Blog / Intelligence Feed](https://www.sherlockforensics.com/blog/) ## Service Areas - Vancouver, Burnaby, Coquitlam, Surrey, Richmond, New Westminster, Langley, North Vancouver (local) - Victoria, Kelowna, Toronto, Calgary (remote via ShadowTap) ## Industries Served - Fintech and payment processing - E-commerce platforms - Real estate companies - Construction firms - Nonprofits and charities - AI startups and vibe coders - SaaS companies