Founded in 2026, Sunderland Security is an independent cybersecurity research and engineering firm dedicated to advancing enterprise security through open-source innovation, rigorous research, and practical engineering.
We believe that enterprise security should be resilient by design, not an afterthought. Our mission is to build security tools and architectures that withstand modern threats while remaining practical for real-world deployment.
Unlike traditional security vendors, we publish all our research and tools as open-source, fostering transparency and collaboration across the security community. This approach allows for peer review, rapid improvement, and ensures our solutions work in the most demanding environments.
Our focus areas—Active Directory resilience, zero-trust architectures, and high-performance detection systems—represent the most critical challenges facing enterprise security teams today.
— Sunderland Security Principle
These principles guide every tool we build, every research paper we publish, and every engagement we undertake.
All our tools are open-source and peer-reviewed. We believe security through obscurity is no security at all.
Security tools must perform at scale without compromising system performance. We specialize in sub-millisecond detection engines.
We build systems with cryptographic proof of security properties. Trust should be mathematically verifiable, not assumed.
We work with security teams worldwide to understand real-world challenges and develop practical solutions.
Every tool begins with rigorous research. We stay at the forefront of security academia and attack methodologies.
We design systems to withstand compromise and maintain security properties even under active attack.
Our team brings decades of combined experience in enterprise security, cryptography, and systems engineering.
From research project to enterprise security partner.
Sunderland Security founded by Alexandra Chen with initial research into Active Directory privilege escalation detection.
Published ADPath, our first open-source tool for Active Directory privilege escalation analysis. Quickly adopted by Fortune 500 security teams.
Began development of RZIP, our zero-knowledge proof system for identity verification, in collaboration with academic cryptography researchers.
Released RustAV with sub-millisecond scan latency, setting new standards for endpoint detection performance in enterprise environments.
Our tools now used by security teams in over 30 countries across finance, healthcare, government, and critical infrastructure sectors.
Whether you're a security researcher, enterprise team, or academic partner, we welcome collaboration to build more resilient infrastructure.