For work without a playbook
BRYCS is brought in for work across security, reverse engineering, low-level development, infrastructure, and systems design, particularly where the problem is unusual, high-consequence, or resistant to standard approaches.
What we do
Most engagements sit where disciplines overlap: protocols that matter in production, binaries that must be understood from the outside, infrastructure that has to survive operational reality, and systems that are expensive to change once they are in motion.
Web3 security
Security review for smart contracts, protocol design, and the systems around them.
Security engineering, cloud, and distributed systems
Practical security engineering, architecture, and systems design guidance for environments that need to survive contact with production, attackers, and operational complexity.
A consultancy with a lab behind it
.01
Assess frontier fit
Clarify whether a new capability belongs in the workflow at all. Cut what does not. Sharpen what does.
.02
Test integration paths
Validate interfaces, constraints, and feasibility against real systems, not whiteboard diagrams.
.03
Build enabling tooling
Turn adoption into something usable, repeatable, and operationally sound. Bespoke utilities where they earn their place.
Talk to the person doing the work.
Founder-led delivery. No sales layer, no ticket numbers. Send a short note about the system, the question, and the timeline, and the conversation continues from there.
Frequently Asked Questions.
Practical answers to what most teams ask before bringing BRYCS in.
How does BRYCS scope an engagement?
Most engagements start with a short call to clarify scope, constraints, and timeline. From there, BRYCS proposes whether the work fits an audit, a research sprint, a security engineering engagement, or a feasibility study.
Do you sign NDAs before any discussion?
Yes. Private projects and NDA-first conversations are welcome. Much of the most relevant work is not public.
What does a typical timeline look like?
Engagements range from short feasibility sprints to multi-week security reviews and longer research engagements. Timelines depend on scope and risk.
Can findings be shared publicly?
Only when explicitly agreed. Most engagements remain private, and findings are delivered directly to the client.
Can you work with our existing security team?
Yes. BRYCS regularly partners with internal teams, providing specialist depth where it is needed without disrupting existing structures.
Do you handle one-off audits or retainers?
Both. Engagements can be one-off reviews, focused research sprints, or longer retainers, depending on what the work needs.
What happens after the engagement ends?
BRYCS delivers findings, reasoning, and concrete next steps your team can use. Ongoing support can be arranged where useful.
Where is BRYCS based and how do you operate?
BRYCS is based in Singapore and operates as a founder-led consultancy. Clients talk to the person doing the work, not a sales layer.
