Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
hkohi.ca presents the personal profile of Hamed Kohi (0xHamy), a vulnerability researcher based in Brampton, Canada, rather than a typical SaaS or hardware security product. The page emphasizes his role as a Vulnerability Researcher, with 28 CVEs credited and acknowledgements from MITRE, VulDB, GitHub, the Apache Software Foundation, and others. His focus areas include vulnerability research and development, AppSec, system architecture, responsible disclosure, root cause analysis, exploit validation, and remediation guidance.
In terms of protection type, the site is more oriented toward vulnerability research and application security service capabilities, covering areas such as CVE, VDP, VRT, CTI, and RCA. It is suitable for discovering, validating, and explaining security vulnerabilities, rather than providing continuous perimeter protection, endpoint protection, or a cloud security platform. As for deployment, the page does not specify whether services are delivered on-premises, via cloud service, or through a managed model. For management and alerting, there is also no mention of a console, alert workflow, reporting system, or similar features. Integration capability is limited to links such as LinkedIn, GitHub, and external references; no integrations with Jira, SIEM, CI/CD, or vulnerability management platforms are disclosed.
The page does not disclose any pricing, packages, project-based fees, subscriptions, vulnerability bounty collaboration model, or payment methods. On the compliance side, it only mentions that CVEs have been recognized by multiple authoritative organizations or communities, which is not the same as provider-level compliance or qualifications such as ISO, SOC 2, or CREST. Therefore, buyers considering collaboration should further inquire about pricing, delivery scope, NDAs, SLAs, and report formats.
The main advantage is a clear individual technical profile, with a track record of CVE contributions and a capability chain that spans vulnerability discovery, root cause analysis, and remediation advice. This may be valuable for teams that need high-quality vulnerability research. The downside is that there is very little commercial information: no team size, customer cases, service catalog, response times, or support channels are provided, making it difficult to directly assess stable delivery capability.
It is better suited as an expert background evaluation entry point for security teams, open-source project maintainers, VDP operators, or companies needing specialized vulnerability research. The page provides no evidence regarding access from China; domain connectivity and payment methods are both unknown. If a localized alternative is needed, domestic security crowdsourcing, penetration testing, SDL/DevSecOps consulting, or vulnerability operations service providers may be considered.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on hkohi.ca official site.
hkohi.ca is an Canada Security provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach hkohi.ca directly.