CEO/Founder Hack23 | Security & Open Source Expert | Cloud Security Specialist | Information Security Professional

CEO/Founder of Hack23 |

Strong advocate for transparency in organizations, secure software development practices, and innovative open source solutions. Experienced security professional with over 30 years in information technology, specializing in security architecture, cloud security, and compliance. Prior roles including Application Security Officer at Stena, Information Security Officer at Polestar and Senior Security Architect at WirelessCar.

🔐 Commitment to Transparency and Security

At Hack23 AB, we believe that true security comes through transparency and demonstrable practices. Our Information Security Management System (ISMS) is publicly available, showcasing our commitment to open security practices.

📋 Public ISMS Repository Complete Information Security Management System documentation

🔒 Information Security Policy Enterprise-grade security framework and governance

🏆 Security Through Transparency

Our approach to cybersecurity consulting is built on a foundation of transparent practices:

• 🔍 Open Documentation: Complete ISMS framework available for review
• 📋 Policy Transparency: Detailed security policies and procedures publicly accessible
• 🎯 Demonstrable Expertise: Our own security implementation serves as a live demonstration
• 🔄 Continuous Improvement: Public documentation enables community feedback and enhancement

Professional Certifications

🔒 Hack23 AB

Swedish innovation hub specializing in creating immersive and precise game experiences alongside expert cybersecurity consulting and solutions.

🚀 Featured Projects

🔥 Black Trigram (흑괘)

Realistic 2D precision combat simulator inspired by traditional Korean martial arts, focusing on precise anatomical targeting, authentic combat techniques, and detailed physics modeling. 🌐 Official Website • 📂 Repository ��� 📚 Documentation

🔐 CIA Compliance Manager

Security assessment platform for the CIA triad (Confidentiality, Integrity, Availability) with business impact analysis and compliance mapping to regulatory frameworks like NIS2, ISO 27001, and GDPR. 🚀 Live Demo • 📂 Repository • ✨ Features • 📚 Documentation

🔍 Citizen Intelligence Agency

Political transparency platform monitoring Swedish political activity with data-driven insights, analytics, dashboard visualizations, and accountability metrics. 📂 Repository • ✨ Features • 📚 Documentation

☁️ Lambda in Private VPC

Enterprise-grade multi-region active/active architecture with near-zero recovery time, comprehensive DNS failover, and AWS Resilience Hub policy compliance for mission-critical workloads. 📂 Repository • 🏗️ Architecture

🧪 Sonar-CloudFormation-Plugin

SonarQube plugin for analyzing AWS CloudFormation templates with security best practices based on NIST, CWE, and ISO standards. 📂 Repository • 📦 Maven Central

🗳️ Riksdagsmonitor

Swedish Parliament Intelligence Platform monitoring political activity in Sweden's Riksdag with systematic transparency through real-time analysis and 50+ years of historical data (1971-2024). 🌐 Official Website • 📂 Repository • 🔒 ISMS

🎮 Game Template

Secure game development template with React, TypeScript, Three.js, and Vite - built with security-first principles, comprehensive SBOM generation, and automated security testing aligned with Hack23 AB ISMS policies. 📂 Repository • 🔒 Security Features • 📋 ISMS Policy Mapping

🔑 Security Services

Professional cybersecurity consulting services delivered remotely or in-person in Gothenburg. Drawing from over three decades of experience in software development and security architecture, we deliver practical, implementable security solutions.

📋 Service Overview

| | | |---|---| | 🌐 Availability | Remote or in-person (Gothenburg) | | 💰 Pricing | Contact for pricing | | 🏢 Company | Hack23 AB (Org.nr 5595347807) | | 📧 Contact | LinkedIn |

🎯 Core Service Areas

| Area | Services | Ideal for | |------|----------|-----------| | 🏗️ Security Architecture & Strategy | Enterprise Security Architecture, Risk Assessment & Management, Security Strategy Development, Governance Framework Design | Organizations needing strategic security leadership and architectural guidance | | ☁️ Cloud Security & DevSecOps | Secure Cloud Solutions (AWS), DevSecOps Integration, Infrastructure as Code Security, Container & Serverless Security | Development teams transitioning to cloud-native architectures with security focus | | 🔧 Secure Development & Code Quality | Secure SDLC Implementation, CI/CD Security Integration, Code Quality & Security Analysis, Supply Chain Security (SLSA Level 3) | Development teams seeking to embed security without slowing innovation |

🏆 Specialized Expertise

| Category | Services | Value | |----------|----------|-------| | 📋 Compliance & Regulatory | GDPR, NIS2, ISO 27001 implementation, ISMS Design, AI Governance, Audit Preparation | Navigate complex regulatory landscapes with confidence | | 🌐 Open Source Security | OSPO establishment, Vulnerability Management, Security Tool Development, Community Engagement | Leverage open source securely while contributing to security transparency | | 🎓 Security Culture & Training | Security Awareness Programs, Developer Security Training, Leadership Briefings, Incident Response Training | Transform security from barrier to enabler through education and culture |

🔑 Security Focus Areas

mindmap
  root((🔐 CIA Triad<br>Security Focus))
    🔒 Confidentiality
      🏷️ Data Classification
        🌐 Public
        🛡️ Restricted
        🗝️ Confidential
        🔒 Secret
      🚪 Access Control
        👥 RBAC Implementation
        🔑 MFA Integration
        📉 Least Privilege
      🔑 Encryption
        🧬 AES-256
        🧿 Quantum-Safe Encryption
        🗝️ KMS Integration
    ✔️ Integrity
      🧪 Data Validation
        👁️ Manual Checks
        🤖 Automated Validation
        🔗 Blockchain Records
      🔄 Change Control
        📝 Audit Trails
        ♻️ Versioning
        🛡️ Non-Repudiation
      🏆 Quality Assurance
        🧑‍💻 Code Analysis
        🧩 Test Coverage
        🏅 SLSA Level 3
    ⏰ Availability
      🛡️ Resilience Levels
        💾 Backup/Restore
        🔥 Pilot Light
        ♨️ Warm Standby
        🌐 Multi-Site Active/Active
      📊 Recovery Metrics
        🕑 RTO Targets
        ⏳ RPO Objectives
        📈 Uptime SLAs
      👀 Monitoring
        ❤️ Health Checks
        🚨 Alerting
        💥 Chaos Testing

🌟 Featured in Press & Media

🎤 Technical Talks & Presentations

🎙️ Javaforum Göteborg Presentation on secure architecture patterns

🎙️ Shift Left Like A Boss Security podcast guest appearance discussing DevSecOps

🍎 Discordian Cybersecurity Insights

Explore information security, ISMS policies, and cybersecurity best practices through the unique Discordian lens inspired by the Illuminatus! trilogy. "Think for yourself, question authority."

📖 Security Blog: 30+ Posts Everything You Know About Security Is a Lie — Nation-state capabilities, approved crypto paradox, and Chapel Perilous initiation. Complete ISMS coverage with radical transparency.

Featured Content:

• 🎭 Discordian Manifesto - Everything You Know About Security Is a Lie
• 📚 Complete ISMS Coverage - All 30 posts link directly to ISMS-PUBLIC repository
• 🍎 Illuminatus! Style - FNORD detection, Chapel Perilous references, 23 FNORD 5 signatures

All hail Eris! All hail Discordia! 🍎

💼 About James Pether Sörling

mindmap
  root((👨‍💼 James Pether Sörling))
    🔐 Information & Security Leadership
      👨‍💼 CISO / ISO Roles
      🛡️ Security Architecture
      🧩 CIA Triad Implementation
      🛠️ Policy Development & Governance
      📊 Risk Management
      🔍 Audit & Compliance Oversight
      🤖 AI Governance
      🌐 Open Source Program Office
    🏛️ Frameworks & Compliance
      📄 ISO 27001
      📄 NIST 800-53
      📄 VDA-ISA
      📄 CIS Controls
      🏷️ Data Protection / GDPR
      📋 ISMS Implementation
      🧪 Continuous Improvement
    ☁️ Cloud & Platform Security
      🌐 Multi-Cloud (AWS / Azure)
      🏗️ Enterprise & Reference Architectures
      🔒 Secure Cloud Services
      🧱 Network & VPC Security
      🔑 IAM / Least Privilege
    🛠️ Infrastructure as Code
      🧾 CloudFormation
      🛠️ Terraform
      🔄 GitOps / Pipelines
      📦 Supply Chain (SLSA Level 3)
    💻 Software Engineering
      ☕ Java / Spring
      ⚛️ React / TypeScript
      🐘 PostgreSQL
      🔄 CI/CD Automation
      🧵 Secure SDLC (SSDLC)
      📈 Code Quality (SonarQube)
    🔬 Security Operations & Assurance
      🚨 Incident Response
      🕵️ Vulnerability Management
      📈 Security Monitoring
      🧪 Threat Modeling
    🌍 Open Source Leadership
      📋 CIA Compliance Manager
      🏛️ Citizen Intelligence Agency
      🧩 Sonar-CloudFormation-Plugin
      🔧 cfn-nag Contributions
      🤝 Community Engagement
    🏆 Certifications & Recognition
      🎓 CISSP
      🎓 CISM
      🥇 AWS Security Specialty
      🥇 AWS Solutions Architect Professional
      🛡️ SLSA Level 3 Attestations
    🚀 Strategic Impact
      🔓 Transparency Advocacy
      🧭 Security-by-Design Enablement
      🧠 Knowledge Sharing / Speaking
      📢 Public Policy & Civic Tech

Experienced technology professional specializing in information security and delivery of secure cloud systems. Strong advocate for transparency in organizations and committed to ensuring robust security through open practices.

📚 Project Documentation

🏛️ CIA Compliance Manager Documentation

🏛️ Citizen Intelligence Agency Documentation

🛠️ Technology & Skills

📅 Career Highlights

%%{init: {'theme': 'base', 'themeVariables': { 'primaryColor': '#d1c4e9', 'primaryTextColor': '#1a1a1a', 'primaryBorderColor': '#9575cd', 'lineColor': '#9575cd', 'secondaryColor': '#bbdefb', 'tertiaryColor': '#c8e6c9'}}}%%
timeline
    title Professional Journey
    section Enterprise Security
      2024 : Application Security Officer, Stena Group IT
            : Risk Assessment, Cloud Security, Microsoft Azure, AI Governance
      2022 - 2024 : Information Security Officer, Polestar
            : ISMS Implementation, Security Compliance, Risk Management, OSPO Lead
      2018 - 2022 : Senior Security Architect, WirelessCar
            : Security Architecture, AWS Security, Secure Development Practices
    section Cloud & Security Engineering
      2017 - 2018 : Consultant, Consid AB
            : Open Source Development, CI/CD, Docker, AWS
      2010 - 2017 : Cloud Architect, Keypasco
            : Cloud Security Solutions, Multi-Tier Architecture, AWS Infrastructure
    section Software Development
      2008 - 2009 : Consultant, Redpill Linpro
            : Technical Support, System Administration, Development
      2006 - 2007 : System Developer, Sky
            : J2EE Projects, Agile Development, Test-Driven Development
      2003 - 2005 : J2EE Developer, Glu Mobile
            : Mobile Services, Integration
      2000 - 2002 : Software Engineer, Volantis Systems
            : Multi-Channel Server Product Development

🏆 Notable Contributions & Appearances

• Information Security Officer at Polestar, leading security practices and the Open Source Program Office
• Senior Security Architect at WirelessCar, supporting secure delivery practices and security risk management
• Open source contributor for cfn-nag, developing integration with SonarQube for CloudFormation security analysis
• Speaker at Javaforum Göteborg on secure architecture patterns
• Guest on Shift Left Like A Boss security podcast
• Featured in Computer Sweden and Riksdag och Departement for political transparency work
• Mentioned in National Democratic Institute survey on parliamentary monitoring organizations
• Operated Equal Rites BBS in the 1990s, part of Fidonet (Node 2:203/454)
• 

🗺️ Site Map Overview

Hack23.com is a static, multi-language HTML/CSS site deployed to AWS S3 + CloudFront.
For the authoritative, always up-to-date sitemap, use the live page:

• 🔗 Live Sitemap: https://hack23.com/sitemap.html

🏠 Home & Company

• 🏠 Homepage: https://hack23.com/index.html
• 🧭 Why Hack23?: https://hack23.com/why-hack23.html
• 🔐 CIA Triad FAQ: https://hack23.com/cia-triad-faq.html

🔑 Security Services

• 🔑 All Services: https://hack23.com/services.html
• 🧾 Security Assessment Checklist: https://hack23.com/security-assessment-checklist.html

🚀 Projects

• 🎮 Black Trigram: https://hack23.com/black-trigram.html
• 🏛️ Citizen Intelligence Agency: https://hack23.com/cia-project.html
• 📋 CIA Compliance Manager: https://hack23.com/compliance-manager.html

🌐 Languages

• 🇬🇧 English: https://hack23.com/sitemap.html
• 🇸🇪 Swedish: https://hack23.com/sitemap_sv.html
• 🇰🇷 Korean: https://hack23.com/sitemap_ko.html
• 🇳🇱 Dutch: https://hack23.com/sitemap_nl.html
• 🇩🇪 German: https://hack23.com/sitemap_de.html
• 🇫🇷 French: https://hack23.com/sitemap_fr.html
• 🇯🇵 Japanese: https://hack23.com/sitemap_ja.html
• 🇨🇳 Chinese: https://hack23.com/sitemap_zh.html

🔧 Technical Resources

• 🗺️ XML Sitemap: https://hack23.com/sitemap.xml
• 🤖 robots.txt: https://hack23.com/robots.txt
• 🔓 Public ISMS: https://github.com/Hack23/ISMS-PUBLIC
• 🖥️ Homepage Source: https://github.com/Hack23/homepage

📫 Connect