About

Louis Moyo

Independent Cloud & Cybersecurity Consultant

I help SaaS and SMEs ship safely with Web + API penetration testing that focuses on what actually breaks businesses: access control, multi-tenant data isolation, OAuth/OIDC, rate limits, and business-logic abuse. Engagements are manual, senior-led, and include replayable Postman PoCs, SOC 2/ISO mapping, an attestation letter, and an included retest.

Previously, I co-founded MobiSelect (MDM/ISO 27001 risk) and led growth for enterprise tech and cybersecurity firms. That mix of delivery + commercial experience means my reports speak both engineering and auditor, so you can fix fast and unblock deals.

What I deliver

  • Web + API Penetration Testing (SaaS/multi-tenant)
    RBAC/IDOR/BOLA, OAuth/OIDC flaws, rate-limit & race-condition abuse, payment/checkout logic.

  • Evidence-first reporting
    Clear impact, reproducible steps, screenshots, prioritized fixes, ASVS & OWASP API Top-10 mapping, attestation, one retest.

  • Optional add-ons
    Light AWS posture review, SOC 2/ISO readiness evidence pack, CI/CD hardening for reproducible remediation.

How I work

  1. Scope & model your roles, tenants, and money/flow paths.

  2. Assumption-break testing across auth, APIs, and multi-step workflows.

  3. Readout & remediation plan, then verify fixes in the included retest.

If you’re preparing for a security questionnaire, launching a new feature, or need a credible Web + API pen-test with fast turnaround, I’ll deliver actionable findings that reduce risk and help sales move.

Certifications

Verified expertise in cloud security, compliance, and governance.