Today’s Topics:

• OpenAI’s Codex Security Finds Over 10,000 High-Severity Vulnerabilities in 1.2 Million Code Commits
• Apple’s iPhone and iPad Approved for Handling NATO Restricted Classified Information
• How can Netizen help?

OpenAI’s Codex Security Finds Over 10,000 High-Severity Vulnerabilities in 1.2 Million Code Commits

OpenAI has begun rolling out a new artificial intelligence–driven security capability called Codex Security, a tool built to identify, validate, and propose fixes for software vulnerabilities across large codebases. The system, now available in a research preview for ChatGPT Pro, Enterprise, Business, and Edu customers, represents a new step in the use of AI agents for application security testing. During the last month of beta testing alone, the system analyzed more than 1.2 million commits across public repositories and uncovered thousands of serious security flaws.

According to OpenAI, the scans identified 792 critical vulnerabilities and 10,561 high-severity issues across a range of widely used open-source projects. Among the affected platforms were major software components such as OpenSSH, GnuTLS, libssh, PHP, Chromium, Thorium, and GOGS. Several vulnerabilities identified during the scans have already received CVE identifiers, including CVE-2026-24881 and CVE-2026-24882 in GnuPG, CVE-2025-32988 and CVE-2025-32989 in GnuTLS, and multiple vulnerabilities in the Thorium browser project including CVE-2025-35430 through CVE-2025-35436. The scale of the findings highlights how large repositories and long development histories can allow security flaws to remain undiscovered for extended periods.

Codex Security evolved from an earlier OpenAI research effort known as Aardvark, which entered private beta in late 2025 as an experiment in automated vulnerability discovery. That project focused on identifying weaknesses across large software ecosystems using advanced reasoning models. Codex Security expands on that approach by integrating system context analysis, automated validation, and patch generation into a single security workflow.

The system begins by examining the structure of a repository to determine how different components interact and where security exposure is likely to exist. This initial analysis produces an editable threat model describing the architecture of the application and identifying areas where vulnerabilities may have the greatest impact. Rather than treating code files in isolation, the system attempts to interpret how the software behaves as a full application.

After building this contextual understanding, the agent analyzes the codebase for weaknesses and ranks findings according to potential real-world impact. The system then validates suspected vulnerabilities inside a sandbox environment to determine whether the issue can actually be reproduced. This step aims to reduce the volume of false alerts that typically appear in automated static analysis tools.

OpenAI reports that accuracy improved significantly across repeated scans of the same repositories, with false positive rates declining by more than fifty percent. The company attributes the improvement to the combination of model reasoning and automated validation, which allows the agent to test its own findings rather than presenting raw detections to developers.

When the system confirms a vulnerability, Codex Security generates remediation suggestions that attempt to align with the behavior of the existing application. In some cases the system can produce working proof-of-concept demonstrations showing how the vulnerability could be exploited. These demonstrations are intended to help security teams validate risk and accelerate remediation.

The agent can also run against environments configured to match the software being tested. When deployed this way, Codex Security can evaluate suspected vulnerabilities against the running application itself rather than relying only on static code analysis. OpenAI says this capability helps confirm whether a vulnerability is actually reachable and exploitable within the deployed system.

The release of Codex Security comes during a period of rapid development in AI-driven application security tools. Just weeks earlier, Anthropic introduced its own system called Claude Code Security, designed to analyze code repositories and recommend patches. Both tools reflect a broader effort across the industry to apply large language models to vulnerability discovery and secure software development.

Apple’s iPhone and iPad Approved for Handling NATO Restricted Classified Information

Apple has announced that the iPhone and iPad have received approval for use in environments that handle classified information up to the NATO Restricted level, marking the first time consumer mobile devices have achieved compliance with the information assurance requirements used by NATO nations. The certification follows extensive security testing and evaluation conducted by the German government, confirming that Apple’s mobile platforms meet the operational and security standards required for handling restricted NATO data.

The approval allows iPhone and iPad devices running iOS 26 and iPadOS 26 to process classified information within NATO environments without the need for additional security software or specialized configurations. According to Apple, no other consumer mobile devices currently meet this certification standard, which has historically been reserved for custom-built government systems or specialized hardened hardware.

The evaluation process was conducted by Germany’s Federal Office for Information Security, known as the Bundesamt für Sicherheit in der Informationstechnik (BSI). As part of the assessment, BSI performed technical testing, security validation, and in-depth analysis of Apple’s mobile platform architecture. The review examined how the operating system, hardware protections, and platform security controls interact to protect sensitive data under strict government security requirements.

Apple’s security architecture integrates protections across the hardware and software stack, including encryption systems, biometric authentication, and device integrity protections embedded in Apple silicon. Features such as Face ID authentication and memory integrity protections were included in the evaluation, demonstrating that the devices provide strong safeguards against unauthorized access and system compromise.

Prior to this broader NATO approval, iPhone and iPad had already been authorized for use with classified German government data under BSI oversight. That earlier authorization confirmed that Apple’s native iOS and iPadOS security capabilities could meet the standards required for handling sensitive government information. The latest certification expands this recognition across NATO member states, enabling the devices to be deployed in allied government environments handling restricted data.

Following the evaluation, iOS 26 and iPadOS 26 have been listed in the NATO Information Assurance Product Catalogue, which tracks technologies approved for use in NATO information systems. Inclusion in the catalogue indicates that the platform meets defined security assurance criteria and can be used in operational environments that manage classified information at the restricted level.

Officials involved in the evaluation emphasized the importance of incorporating security protections directly into product development. Claudia Plattner, president of BSI, stated that secure digital transformation depends on integrating information security from the earliest stages of mobile device design. The agency’s audit of Apple’s platform security architecture formed the basis for confirming compliance with NATO assurance requirements.

According to Ivan Krstić, Apple’s vice president of Security Engineering and Architecture, the company’s strategy has focused on embedding strong security protections directly into widely distributed consumer devices rather than relying on specialized hardware built only for government or enterprise environments.

For NATO organizations and government agencies, the approval opens the possibility of using mainstream mobile hardware within classified operational contexts while relying on native platform protections. Historically, devices used in such environments required extensive customization and dedicated security infrastructure before they could be deployed.

How Can Netizen Help?

Founded in 2013, Netizen is an award-winning technology firm that develops and leverages cutting-edge solutions to create a more secure, integrated, and automated digital environment for government, defense, and commercial clients worldwide. Our innovative solutions transform complex cybersecurity and technology challenges into strategic advantages by delivering mission-critical capabilities that safeguard and optimize clients’ digital infrastructure. One example of this is our popular “CISO-as-a-Service” offering that enables organizations of any size to access executive level cybersecurity expertise at a fraction of the cost of hiring internally. 

Netizen also operates a state-of-the-art 24x7x365 Security Operations Center (SOC) that delivers comprehensive cybersecurity monitoring solutions for defense, government, and commercial clients. Our service portfolio includes cybersecurity assessments and advisory, hosted SIEM and EDR/XDR solutions, software assurance, penetration testing, cybersecurity engineering, and compliance audit support. We specialize in serving organizations that operate within some of the world’s most highly sensitive and tightly regulated environments where unwavering security, strict compliance, technical excellence, and operational maturity are non-negotiable requirements. Our proven track record in these domains positions us as the premier trusted partner for organizations where technology reliability and security cannot be compromised.

Netizen holds ISO 27001, ISO 9001, ISO 20000-1, and CMMI Level III SVC registrations demonstrating the maturity of our operations. We are a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) certified by U.S. Small Business Administration (SBA) that has been named multiple times to the Inc. 5000 and Vet 100 lists of the most successful and fastest-growing private companies in the nation. Netizen has also been named a national “Best Workplace” by Inc. Magazine, a multiple awardee of the U.S. Department of Labor HIRE Vets Platinum Medallion for veteran hiring and retention, the Lehigh Valley Business of the Year and Veteran-Owned Business of the Year, and the recipient of dozens of other awards and accolades for innovation, community support, working environment, and growth.

Looking for expert guidance to secure, automate, and streamline your IT infrastructure and operations? Start the conversation today.

Today’s Topics:

• CVE-2026-0628 Shows How Browser-Integrated AI Can Undermine Chrome’s Security Model
• Google’s Merkle Tree Certificates Signal a Structural Shift Toward Quantum-Resistant HTTPS
• How can Netizen help?

CVE-2026-0628 Shows How Browser-Integrated AI Can Undermine Chrome’s Security Model

Google has patched a high-severity vulnerability in Chrome that exposed a deeper issue many security teams are still grappling with: what happens when AI assistants operate inside high-privilege browser contexts. Tracked as CVE-2026-0628 with a CVSS score of 8.8, the flaw allowed malicious extensions to escalate privileges by abusing insufficient policy enforcement in Chrome’s WebView tag. The issue was fixed in Chrome version 143.0.7499.192 and .193 for Windows and macOS, and 143.0.7499.192 for Linux.

The vulnerability was discovered by Gal Weizman of Palo Alto Networks Unit 42 and reported in November 2025. At a technical level, the flaw enabled a crafted Chrome extension to inject scripts or HTML into a privileged page. That privileged surface was the Gemini Live panel, part of Google’s browser-level integration of Google Chrome with Gemini, which Google rolled into Chrome in September 2025.

Under normal conditions, Chrome extensions are constrained by a permission model that limits what they can access. This case broke that assumption. An extension operating with relatively basic permissions, including access to the declarativeNetRequest API, could inject JavaScript into the Gemini side panel running at gemini.google.com/app. That context carries elevated capabilities because Chrome intentionally grants the Gemini panel access to sensitive browser features in order to perform multi-step AI tasks.

Once code execution occurred inside that panel, the impact moved well beyond typical extension abuse. An attacker could potentially access the victim’s camera and microphone, take screenshots of arbitrary websites, and interact with local files. These are capabilities normally gated by strict permission prompts and origin isolation rules. CVE-2026-0628 effectively blurred those boundaries.

The declarativeNetRequest API itself is not inherently unsafe. It is widely used by ad-blocking extensions to intercept and modify HTTPS traffic. The problem arose from how extension-controlled request manipulation intersected with a high-privilege, browser-embedded AI component. When the Gemini application was loaded inside the panel, Chrome bound it to capabilities necessary for AI-driven summarization, translation, and task automation. That design decision created a path where extension-level influence could cross into a more trusted execution context.

From a security architecture standpoint, this is the more significant takeaway. AI agents embedded directly into the browser require privileged access to operate effectively. They need visibility into page content, file systems, and user inputs to complete complex workflows. That privilege becomes a liability if isolation boundaries are imperfect. In this case, the WebView tag’s insufficient policy enforcement allowed an attacker to pivot from a lower-privileged extension environment into a component that was effectively “part of the browser.”

There is also a secondary concern that deserves attention. Prompt injection attacks against AI agents are already a known risk. If a malicious page can influence an agent to perform restricted actions, and that agent is running in a privileged browser context, the blast radius expands. Researchers noted the possibility of hidden prompts instructing the assistant to execute actions that would otherwise be blocked. In worst-case scenarios, instructions could be stored in session memory, persisting behavior across browsing sessions.

Google’s Merkle Tree Certificates Signal a Structural Shift Toward Quantum-Resistant HTTPS

Google has outlined a new strategy to prepare HTTPS for the eventual impact of quantum computing, and the approach is architectural rather than incremental. Instead of inserting post-quantum cryptography directly into traditional X.509 certificate chains, Google is developing an alternative model built on Merkle Tree Certificates, or MTCs, within the Chrome ecosystem.

The initiative is being led by the Chrome Secure Web and Networking Team behind Google Chrome. The objective is clear: make HTTPS authentication quantum-resistant without inflating TLS handshake sizes to the point where performance suffers. The company has stated it does not plan to immediately add classical X.509 certificates containing post-quantum algorithms into the Chrome Root Store. That decision reflects the practical constraints of bandwidth, handshake latency, and ecosystem scalability.

Merkle Tree Certificates represent a structural redesign of certificate validation. Instead of issuing and transmitting a full certificate chain with multiple public keys and signatures, a Certification Authority signs a single “Tree Head” that represents potentially millions of certificates. When a browser connects, it receives a compact proof of inclusion in that tree. The cryptographic strength comes from the Merkle structure itself, which allows efficient verification without transmitting excessive data.

This is particularly relevant in a post-quantum context. Post-quantum cryptographic algorithms typically involve significantly larger key sizes and signatures compared to current elliptic curve or RSA-based systems. If those algorithms were inserted directly into today’s certificate chains, handshake sizes would expand and potentially degrade user experience. MTCs decouple algorithm strength from transmitted data size, allowing stronger cryptography without proportionally increasing network overhead.

The proposal is being developed within the PLANTS working group, and companies such as Cloudflare are collaborating on feasibility testing. Google has confirmed that it is already experimenting with MTCs using live internet traffic to assess performance and security characteristics in real-world conditions.

The rollout strategy spans three phases. The first phase, already underway, focuses on feasibility and operational validation in partnership with Cloudflare. The second phase, planned for the first quarter of 2027, will involve Certificate Transparency log operators that already maintain usable logs in Chrome. That step is important because Certificate Transparency remains central to Chrome’s trust model. The third phase, targeted for the third quarter of 2027, will define onboarding requirements for Certificate Authorities into a new Chrome Quantum-resistant Root Store that supports only MTC-based certificates.

This move signals that Chrome is preparing for a future in which quantum-capable adversaries can break classical public key cryptography. Even though large-scale quantum attacks are not yet operationally viable, the industry recognizes the risk of “harvest now, decrypt later” strategies, where encrypted traffic captured today could be decrypted once quantum capabilities mature. Building quantum resistance into browser trust anchors before that inflection point reduces long-term exposure.

From a security architecture perspective, this initiative touches the foundation of internet trust. HTTPS authentication depends on Public Key Infrastructure and root trust stores embedded in browsers. Any transition to post-quantum resilience must preserve interoperability, performance, and auditability. By compressing authentication data through Merkle proofs, Chrome is attempting to modernize PKI without destabilizing it.

For enterprise environments, the immediate action item is awareness rather than deployment. Organizations should monitor developments in post-quantum TLS, certificate issuance practices, and Chrome’s evolving root program. Certificate lifecycle management, internal PKI planning, and long-term cryptographic agility strategies will need to account for these structural changes over the next several years.veloper-focused compromise.

How Can Netizen Help?

Founded in 2013, Netizen is an award-winning technology firm that develops and leverages cutting-edge solutions to create a more secure, integrated, and automated digital environment for government, defense, and commercial clients worldwide. Our innovative solutions transform complex cybersecurity and technology challenges into strategic advantages by delivering mission-critical capabilities that safeguard and optimize clients’ digital infrastructure. One example of this is our popular “CISO-as-a-Service” offering that enables organizations of any size to access executive level cybersecurity expertise at a fraction of the cost of hiring internally. 

Netizen also operates a state-of-the-art 24x7x365 Security Operations Center (SOC) that delivers comprehensive cybersecurity monitoring solutions for defense, government, and commercial clients. Our service portfolio includes cybersecurity assessments and advisory, hosted SIEM and EDR/XDR solutions, software assurance, penetration testing, cybersecurity engineering, and compliance audit support. We specialize in serving organizations that operate within some of the world’s most highly sensitive and tightly regulated environments where unwavering security, strict compliance, technical excellence, and operational maturity are non-negotiable requirements. Our proven track record in these domains positions us as the premier trusted partner for organizations where technology reliability and security cannot be compromised.

Netizen holds ISO 27001, ISO 9001, ISO 20000-1, and CMMI Level III SVC registrations demonstrating the maturity of our operations. We are a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) certified by U.S. Small Business Administration (SBA) that has been named multiple times to the Inc. 5000 and Vet 100 lists of the most successful and fastest-growing private companies in the nation. Netizen has also been named a national “Best Workplace” by Inc. Magazine, a multiple awardee of the U.S. Department of Labor HIRE Vets Platinum Medallion for veteran hiring and retention, the Lehigh Valley Business of the Year and Veteran-Owned Business of the Year, and the recipient of dozens of other awards and accolades for innovation, community support, working environment, and growth.

Looking for expert guidance to secure, automate, and streamline your IT infrastructure and operations? Start the conversation today.

Today’s Topics:

• Anthropic Introduces Claude Code Security for AI-Driven Vulnerability Scanning
• Malicious npm Campaign Harvests Crypto Keys, CI Secrets, and LLM Tokens
• How can Netizen help?

Anthropic Introduces Claude Code Security for AI-Driven Vulnerability Scanning

Anthropic has announced a new capability within Claude Code called Claude Code Security, an AI-assisted vulnerability scanning feature now available in limited research preview for Enterprise and Team customers. The release signals a clear shift in how AI is being positioned inside development environments. The model is no longer just generating code. It is actively reviewing it for security defects.

Claude Code Security scans a user’s codebase, identifies potential vulnerabilities, and proposes targeted remediation steps for developer review. The system does not automatically modify production code. Instead, it surfaces findings inside a dedicated dashboard, assigns severity levels, provides a confidence score, and presents suggested patches for explicit human approval. That human approval requirement is a critical architectural choice. It preserves change control discipline and avoids introducing automated remediation risk into secure development workflows.

Anthropic’s positioning is grounded in a reality security teams are already seeing. AI-assisted tooling can accelerate vulnerability discovery at scale. That acceleration benefits defenders, but it also benefits adversaries. As models become more capable of reasoning through application logic, tracing dependencies, and mapping data flows, the time required to identify exploitable weaknesses continues to shrink. Claude Code Security is designed to counterbalance that dynamic by placing similar reasoning capabilities into the hands of defenders.

The company claims the system goes beyond conventional static analysis. Traditional SAST tools rely heavily on rule-based detection and signature matching. They are effective at identifying known patterns such as injection flaws or unsafe function usage, but they often struggle with multi-step logic errors and contextual trust boundary violations. Claude Code Security is described as reasoning about the codebase in a way that more closely resembles a human security reviewer. It evaluates how components interact, traces data flows across services, and attempts to identify vulnerabilities that may not match predefined signatures.

False positive reduction is addressed through what Anthropic describes as a multi-stage verification process. Findings are re-analyzed before being presented to the user, and each issue is assigned both a severity rating and a confidence score. That layered review approach is intended to reduce alert fatigue and help development teams prioritize remediation based on impact and likelihood.

From a DevSecOps perspective, the practical question is integration. Organizations with mature pipelines already operate SAST, DAST, and software composition analysis tooling. Claude Code Security appears positioned as a reasoning layer that augments those deterministic systems rather than replaces them. Its value will depend on how effectively it complements existing scanners, how transparent its findings are, and how easily it can be incorporated into established approval workflows.

In regulated environments, governance will matter. Any AI-driven code analysis tool must support auditability, logging, traceability of decisions, and protection of proprietary source code. The explicit human-in-the-loop model helps address change management and accountability requirements that frameworks such as NIST SP 800-53, ISO 27001, and CMMC 2.0 expect organizations to enforce.

Claude Code Security remains in research preview, so operational maturity and real-world performance data are still emerging. Even so, the strategic direction is clear. AI is moving from a development accelerator to a security control embedded directly into the software lifecycle. For security leaders, the focus should be on disciplined adoption, governance alignment, and measurable reduction in vulnerability exposure rather than novelty.

Malicious npm Campaign Harvests Crypto Keys, CI Secrets, and LLM Tokens

Researchers have uncovered an active supply chain campaign leveraging at least 19 malicious npm packages to harvest developer credentials, cryptocurrency keys, CI/CD secrets, and API tokens. The operation, tracked by Socket under the name SANDWORM_MODE, resembles earlier Shai-Hulud-style worm activity, but with expanded functionality and more deliberate targeting of AI-assisted development environments.

The malicious packages were published under the npm aliases official334 and javaorg. They include typosquatted and deceptively named modules such as claud-code, crypto-reader-info, node-native-bridge, secp256, suport-color, and others. Four additional sleeper packages were identified that currently contain no malicious functionality but may serve staging or trust-building purposes.

The core payload is designed to extract system information, environment variables, access tokens, API keys, and cryptocurrency private keys from infected developer environments. Once harvested, the malware abuses stolen npm and GitHub credentials to publish additional malicious packages, effectively propagating itself through compromised identities.

This propagation model transforms the campaign from a one-off credential theft operation into a self-expanding supply chain worm. By compromising trusted publisher accounts, the attackers increase their distribution reach and reduce the likelihood of early detection.

The malware also embeds a weaponized GitHub Action capable of harvesting CI/CD secrets directly from build pipelines. Exfiltration occurs over HTTPS with DNS fallback, increasing resiliency if primary outbound channels are blocked.

The codebase includes a destructive routine designed to wipe the victim’s home directory if the malware loses access to GitHub or npm infrastructure. Although this wiper functionality is currently disabled by default, its presence significantly raises the risk profile of the campaign. It signals that the operators are prepared to transition from stealthy credential harvesting to disruptive retaliation if their infrastructure is disrupted.

Socket noted multiple feature flags and toggles within the code that suggest the threat actor is actively iterating. Some builds disable destructive routines or polymorphic rewriting, indicating staged deployment and ongoing refinement rather than accidental publication.

One of the most notable components is a module referred to as McpInject. This functionality targets AI coding assistants by deploying a malicious Model Context Protocol server and injecting it into local tool configurations.

The rogue MCP server masquerades as a legitimate tool provider and registers benign-looking utilities. Embedded within those utilities are prompt injections designed to extract sensitive files, including:

• ~/.ssh/id_rsa and ~/.ssh/id_ed25519
• ~/.aws/credentials
• ~/.npmrc
• .env files

These artifacts are staged locally for later exfiltration.

The module specifically targets developer tooling environments that integrate AI assistants, including Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code Continue, and Windsurf. It also harvests API keys associated with major LLM providers, including Anthropic, Cohere, Fireworks AI, Google, Grok, Mistral, OpenAI, Replicate, and Together.

This marks a clear evolution in supply chain attacks. The objective is no longer limited to source code or infrastructure credentials. AI model access itself is now a target.

The malware contains a polymorphic engine configured to call a local Ollama instance running DeepSeek Coder. That engine can rewrite control flow, rename variables, inject junk code, and encode strings to evade detection. Although currently disabled in observed samples, the capability indicates preparation for more evasive future variants.

The attack unfolds in two stages. The first stage captures credentials and cryptocurrency keys. A second stage, activated after a delay of at least 48 hours with additional per-machine jitter, performs deeper harvesting, worm-like propagation, MCP injection, and full data exfiltration. The delayed execution complicates sandbox-based detection and incident response correlation.

Separate disclosures from Veracode and JFrog identified additional malicious npm packages, including buildrunner-dev and eslint-verify-plugin.

Buildrunner-dev delivers Pulsar RAT, an open-source .NET remote access trojan hosted inside a PNG image. The malware targets Windows, macOS, and Linux systems.

Eslint-verify-plugin masquerades as a legitimate ESLint utility but deploys a multi-stage infection chain. On Linux, it installs a Poseidon agent tied to the Mythic C2 framework, enabling credential harvesting, lateral movement, and file operations. On macOS, it executes Apfell, a JavaScript for Automation agent capable of extensive data collection and privilege escalation through the creation of a new administrator account.

Stolen data includes system information, browser artifacts, clipboard contents, password dialog captures, iCloud Keychain files, Chrome cookies and login data, screenshots, and file metadata.

Checkmarx also reported a rogue VS Code extension called solid281, impersonating the official Solidity extension. It deploys an obfuscated loader that installs ScreenConnect on Windows and a Python reverse shell on macOS and Linux. The targeting of Solidity developers aligns with broader patterns of developer-focused compromise.

How Can Netizen Help?

Founded in 2013, Netizen is an award-winning technology firm that develops and leverages cutting-edge solutions to create a more secure, integrated, and automated digital environment for government, defense, and commercial clients worldwide. Our innovative solutions transform complex cybersecurity and technology challenges into strategic advantages by delivering mission-critical capabilities that safeguard and optimize clients’ digital infrastructure. One example of this is our popular “CISO-as-a-Service” offering that enables organizations of any size to access executive level cybersecurity expertise at a fraction of the cost of hiring internally. 

Netizen also operates a state-of-the-art 24x7x365 Security Operations Center (SOC) that delivers comprehensive cybersecurity monitoring solutions for defense, government, and commercial clients. Our service portfolio includes cybersecurity assessments and advisory, hosted SIEM and EDR/XDR solutions, software assurance, penetration testing, cybersecurity engineering, and compliance audit support. We specialize in serving organizations that operate within some of the world’s most highly sensitive and tightly regulated environments where unwavering security, strict compliance, technical excellence, and operational maturity are non-negotiable requirements. Our proven track record in these domains positions us as the premier trusted partner for organizations where technology reliability and security cannot be compromised.

Netizen holds ISO 27001, ISO 9001, ISO 20000-1, and CMMI Level III SVC registrations demonstrating the maturity of our operations. We are a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) certified by U.S. Small Business Administration (SBA) that has been named multiple times to the Inc. 5000 and Vet 100 lists of the most successful and fastest-growing private companies in the nation. Netizen has also been named a national “Best Workplace” by Inc. Magazine, a multiple awardee of the U.S. Department of Labor HIRE Vets Platinum Medallion for veteran hiring and retention, the Lehigh Valley Business of the Year and Veteran-Owned Business of the Year, and the recipient of dozens of other awards and accolades for innovation, community support, working environment, and growth.

Looking for expert guidance to secure, automate, and streamline your IT infrastructure and operations? Start the conversation today.