Activemind
Solutions AB
Security by heart
Swedish security company. Penetration testing, security consulting, developer training — and the creators of scd.
Security should be part of
how you build — not an afterthought
Most SMB development teams have no dedicated security engineer. Security reviews happen as afterthoughts — if they happen at all. When a vulnerability reaches production, the cost of finding it has multiplied many times over compared to catching it at the keyboard.
We have spent years doing penetration tests and security audits for companies across industries. The pattern we see again and again: vulnerabilities that should have been caught in development, shipped because no one was looking at the right time.
AI coding tools have made this problem sharper. Code is written faster than ever — but the security awareness of the developer behind the keyboard has not kept pace. A model can generate a complete, working API endpoint with a SQL injection vulnerability in under a minute.
scd is our answer to that problem. A tool that runs quietly in the developer's own workflow, catches the patterns we see in every engagement, and does it without sending a single line of code outside the team's own infrastructure.
Security work, end to end
Penetration testing
Manual security assessments of web applications, APIs, and internal infrastructure. We find what automated tools miss — business logic flaws, chained vulnerabilities, and context-specific attack paths.
Security consulting
Architecture reviews, threat modelling, and security programme guidance for development teams that need expert input without a full-time security hire. We work alongside your team, not above it.
Developer training
Hands-on security training built around your team's actual codebase and finding history — not generic slides. Developers learn to recognise and avoid the vulnerabilities that appear most in your specific stack.
scd — the product
Our open-source SAST scanner. Built from direct experience of what vulnerabilities appear most in real codebases. Free to use, privacy-first by design, and a natural starting point for teams that want security in their daily workflow.
Learn more about scd →"We are so serious about privacy that we do not even want your data."
— Core principle, Activemind Solutions AB
Security tools handle sensitive information by definition. We believe that a tool asking you to trust it with your code should itself be worthy of that trust — transparent in what it does, honest about its limitations, and built so that you never have to take our word for it.
That is why scd runs locally, why every external connection is documented, and why the CLI itself is open source. Verify the code. Verify the network traffic. Everything should check out.
Questions about scd or
a security engagement?
Whether you are evaluating scd for your team, looking for help with a penetration test, or want to talk through your security programme — we are happy to hear from you.