Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
brettcrawley.it is the personal professional website of Brett Crawley. It is positioned more as a showcase for an application security expert, author, and speaker than as a cybersecurity product that can be directly purchased and deployed. The site states that Brett has more than 10 years of application security experience and 25 years of software engineering experience, and holds (ISC)² certifications including CISSP, CSSLP, and CCSP. He is also the author of Threat Modeling Gameplay with EoP and contributes to the OWASP Application Security Awareness Campaigns project.
From a cybersecurity perspective, the focus is on application security and secure software development governance, including Secure by Design, Privacy by Design, threat modeling, secure coding, vulnerability management, and integrating security best practices into the software development lifecycle (SDLC). These capabilities lean more toward consulting, training, methodology adoption, and security awareness building rather than tool-based protection such as firewalls, EDR, or WAF. The site also mentions that his threat modeling training has improved organizations’ design quality and security awareness, but it does not disclose specific clients, metrics, or case studies.
The website does not provide pricing models for consulting, training, or collaboration services, nor does it describe service packages, delivery timelines, payment methods, or support SLAs. The only clear commercial information is that his book is available for purchase on Amazon. Therefore, anyone interested in working with him would likely need to contact him directly to confirm scope and pricing.
The main strengths are his strong professional background, combining software engineering and application security expertise, backed by recognized certifications, a published book, and contributions to the OWASP community. This makes the site relevant for teams looking to build a culture around threat modeling and secure design. The limitations are that the website provides very limited information, with no enterprise customer cases, service catalog, toolchain integration details, management or alerting capabilities, compliance coverage, or pricing transparency. It is not suitable for quick comparison based on product specifications.
It is better suited to mid-sized to large software development organizations, security teams, architecture teams, or product teams looking to conduct threat modeling training, secure design reviews, SDLC security process implementation, and secure coding awareness programs. It is not suitable as a plug-and-play security protection platform purchase.
The site does not provide information about access from mainland China, service delivery, or local support. Actual accessibility and the Amazon book purchasing experience would need to be verified separately, so its access status from China is unknown.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on brettcrawley.it official site.
brettcrawley.it is an Unknown Security provider. TG4G tracks its product information, an overall rating of 5.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach brettcrawley.it directly.