About CommitCraft

We craft secure software and resilient operations. Based in Singapore, CommitCraft helps organisations harden software supply chains, detect threats early, and respond efficiently to incidents.

Trusted by APAC enterprises

Team at work

Our mission

To make security a seamless part of engineering: pragmatic, measurable, and aligned with business outcomes. We combine offensive research, secure development practices, and operational monitoring to reduce risk.

  • Risk-first assessments and remediation guidance
  • Integrating security into CICD and dev workflows
  • 24/7 detection and rapid incident playbooks
8+
Years in APAC
120+
Engagements
99%
Client satisfaction
Security architecture

What we do

Advisory
Advisory & Compliance

Guidance to align security with regulations and business priorities across cloud and on-prem environments.

Learn more
Detection
Monitoring & Detection

SIEM tuning, threat hunting, and managed detection tailored to your telemetry and threat model.

Learn more
Incident response
Incident Response

Rapid containment, forensic analysis, and actionable remediation to shorten downtime and limit impact.

Contact us

Our team

Head of Security
Aisha Tan
Head of Security

Ex-SOC lead with specialist experience in cloud incident response and secure CI/CD.

Cross-functional expertise

Our consultants include former engineers, threat hunters, and compliance specialists who work collaboratively with your product and ops teams to embed secure practices.

Engagement model Speak with us

Case studies

Case study one
Fintech SIEM overhaul

Reduced false positives by 70% through tailored detection rules and pipeline optimizations for a regional fintech.

Read brief
Case study two
Supply chain hardening

Secured build and dependency workflows for an APAC SaaS provider; eliminated an exposed secret exposure vector.

Read brief

Frequently asked questions

Our initial containment guidance is provided within hours of engagement; full forensic analysis timelines depend on scope and access. For SGP-based clients we offer rapid onsite coordination if required.

Yes — we provide SIEM tuning and managed detection packages, including playbooks and monthly tuning cycles to keep noise low and signal high.

We work across finance, SaaS, supply chain and enterprises in APAC, with a strong footprint in Singapore's regulated sectors.

Partners & accreditation

CommitCraft logo Strategic partner
Regional MSSP alliances and tool integrators
Certifications
Practitioner certificates in cloud security, forensics and incident response

Careers & open roles

We're hiring engineers and security consultants who value craftsmanship and operational excellence. See open roles and how we work.

  • Senior Security Engineer — detection & hunting
  • Cloud Security Consultant — infra & CI/CD

Interested? Reach out — *** form required.

Email Careers Contact us