Results for 2025

Sustainable development and continuous quality improvement at H-X Technologies

2025 has become a year of practicality, high quality and momentum for us. We launched dozens of new projects and continued dozens of existing ones. In these projects, security is measured not by reports and slogans, but by the process resilience, the engineering quality, and the confidence of our customers during audits, product launches, and incident response.

We want to share our key achievements this year and thank all our clients and partners who trusted us with their most valuable assets: reputation, data, and business continuity.

Key highlights of 2025

• January 2025. Launched the free, 24/7 virtual consultant H-X Cybersecurity Agent. It helps you with audits, compliance, penetration testing, resilience programs, and many other security topics. It brings in our team’s experts when necessary.
• March 2025. Strengthened our DORA expertise and regulatory practices for the financial sector. The focus is on ICT risk management, resilience, third-party controls, and incident preparedness.
• April 2025. Completed a major round of improvements to internal quality standards, planning, project management, and delivery assurance. We have long been working on the principle of multi-level independent review and pragmatic process improvement guided by Kaizen. In 2025, this was particularly helpful in scaling projects while simultaneously improving quality.
• May 2025. Strengthened our automotive direction. We continued working at the intersection of cybersecurity, standards, and engineering responsibility for connected and autonomous vehicles, including practical measures to reduce risks and improve system observability.
• June 2025. Expanded our presence in Central Asia. We continued working with companies in Kazakhstan, Uzbekistan, and Kyrgyzstan, where clear technical communication, high-quality documentation, and the adaptation of international practices to local context are particularly important. We are especially proud of our partnership with AIX, the largest international stock exchange in the region.
• September 2025. We delivered a practical talk on protecting AI systems at the ANTI-FRAUD FORUM-2025. We discussed threats to ML models and LLMs, system architecture, AI vulnerability testing, and the need for continuous monitoring.

We also want to recognize the behind-the-scenes yet vital contribution of our back-office teams to the quality, reliability, and convenience of our clients and project teams. This contribution included thorough due diligence; building legal structures and contracts so that clients and partners can operate comfortably within their jurisdictions; reducing our clients’ operational risks when withdrawing cryptocurrency and making other crypto-related decisions; careful selecting, mentoring, and internal promoting of young talent; improving communications, internal security, automation, and optimization of all processes. All of this made us more resilient and trusted by customers and partners.

Our projects for clients in 2025

Throughout the year, we focused on tasks where security delivers a measurable impact. Reducing customer risks, ensuring they pass independent audits, increasing the reliability of software releases, and improving incident preparedness were our primary missions in 2025. To achieve this, we:

• Performed penetration testing. This included work for major energy companies and automotive electronics manufacturers.
• Performed source code security audits. With a focus on critical defects and real-world exploitation scenarios.
• Simulated social engineering. We tested attack detection, response quality, communications, and other security-related processes.
• Conducted darknet and OSINT audits. We identified leaks, traces of compromise, and risk areas around brands, domains, and infrastructure.
• Conducted ICS security training. We covered not only theory but also practical OT threats, as well as effective technical and organizational measures.
• Prepared clients for ISO 27001 certification and official SOC 2 reporting. We guided clients through the audit and reporting cycles and continued assisting after completion.

What’s next in 2026

• Strengthening AI and blockchain security practices. More applied testing, more engineering controls, and more monitoring.
• Eurocompliance, financial regulation, cyber resilience. GDPR, NIS 2, CRA, DORA, third parties, incidents, business continuity, measurable maturity metrics.
• Automotive and Product Security. We are further developing areas where security is integrated into the lifecycle and is provable.
• Quality and repeatability of results. We continue to improve our workflows and artifact quality control.

Thank you to everyone who joined us in 2025!

We wish you peaceful holidays, stable systems, and confidence that security really works.

If you would like to discuss the 2026 tasks, contact us.