MrežaTok Start a conversation
Home 01 About 02 Services 03 Contact 04 Request a brief

About the studio

Senior people, doing the unglamorous part well.

digitalnival started in 2015 with a simple frustration: most security advice arrives as a long PDF and a large invoice, and nobody is there when the alert actually fires. We built the studio to be the opposite of that.

Where we come from

Eleven years between the SOC and the boardroom.

Our founders met inside a national response team, working the incidents that made the morning news but never carried a name. We learned two things there. Defences fail at the seams nobody owns, and the difference between a contained event and a public one is usually measured in minutes.

So the studio is built around speed and ownership. We keep the team small on purpose. Every client has a named lead who knows their environment, not a queue of ticket handlers reading from a script.

We would rather tell you the one thing that will actually hurt you than hand over a hundred findings you will never read.

— How we write reports

What we hold to

Four working principles.

01

Plain language

Risk explained the way you would explain it to a colleague, not buried under acronyms. If a board member cannot act on our report, we have not finished it.

02

Defence you can keep

We build controls your own engineers can run after we leave, and we document the reasoning behind each one. No dependence on us by design.

03

Named accountability

One senior lead carries your engagement end to end. The person who scopes the work is the person who answers when the pager goes off.

04

Quiet by default

We work under strict confidentiality. Client names stay out of our marketing — discretion is part of what you are paying for.

The bench

The people you work with.

A deliberately small team of senior practitioners. We grow slowly and only when we can keep the quality.

Luka Kovačević

Lead, offensive testing

Fifteen years testing systems on request across energy and telecom. Co-founded the studio after a decade inside incident response.

Ivana Marić

Lead, detection engineering

Builds monitoring that catches the quiet events. Six years in a national response team before joining digitalnival.

Domagoj Horvat

Lead, compliance & advisory

Translates NIS2 and ISO 27001 into controls auditors accept, and sees clients through every assessment.

Petra Tomić

Analyst, security operations

Watches the overnight signals and runs first triage. The reason an alert at 3am becomes a calm message rather than a crisis.

Marko Novak

Engineer, cloud security

Designs account boundaries and identity policy for the firms running their core systems across several cloud providers.

Ana Babić

Engineer, detection & response

Tunes alerting so it earns attention. Leads tabletop exercises that prepare teams for the day it stops being a drill.

Want to know if we are the right fit?

A short conversation tells us both whether your work matches how we operate. No obligation either way.

Start a conversation See our services