Practicing dentist. Independent security researcher. Two decades operating with precision at the intersection of regulated clinical care and offensive security.
The disciplines that shaped Greyhat4hire don't just coexist — they reinforce each other in ways few practitioners can claim.
Founder and principal of Umhlanga Dental, one of KwaZulu-Natal's leading private dental practices. First in KZN to adopt Waterlase Express dual-wavelength laser technology — a willingness to invest in precision tools before they become standard practice.
A regulated clinical environment demands zero ambiguity: every intervention is documented, every outcome is measured, and every action is taken under informed consent. Those habits don't stay at the surgery door.
A continuous and disciplined focus on information security, vulnerability research, and ethical hacking spanning more than two decades — maintained in parallel with a full clinical career. Not a career transition. A genuine dual vocation.
Operating as an intentionally limited-capacity independent consultancy ensures every engagement receives direct senior involvement rather than being delegated down a consultant chain.
"Operating in regulated clinical environments for over two decades instills something you cannot fake: the discipline to act only within authorized scope, document everything, and accept full responsibility for outcomes."
While most people choose a single path, Dr Sykes built two — in parallel, with full commitment to both. The result is a perspective on security that practitioners who came up entirely through IT cannot replicate.
Established Umhlanga Dental, building a practice defined by conservative treatment philosophy, patient transparency, and continuous investment in emerging technology.
Curiosity about how systems fail — rooted in the same diagnostic mindset applied clinically — evolves into structured vulnerability research and ethical hacking practice.
First practitioner in KwaZulu-Natal to adopt Biolase Waterlase Express dual-wavelength laser technology — evidence of a pattern: evaluating new tools seriously, then committing to them fully.
A formalised independent security consultancy — deliberately limited in capacity to preserve quality, confidentiality, and direct senior-practitioner involvement on every engagement.
Decades of operating within clearly defined clinical boundaries translate directly into security work. Nothing outside the agreed scope is touched — ever.
Clinical practice demands meticulous recordkeeping. Security reports from Greyhat4hire reflect that same standard — precise, reproducible, and litigation-ready if required.
Understanding of POPIA compliance, patient data sensitivity, and the operational constraints of healthcare environments — from the inside, not from a textbook.
Patient confidentiality is non-negotiable in dentistry. The same principle governs every security engagement — findings, methodologies, and client identities stay private.
Every engagement begins with documented, explicit authorization. No exceptions. No grey areas.
Testing is methodical, measured, and minimally disruptive — never reckless or exploratory beyond defined scope.
Findings are presented in language that leadership teams can act on — not jargon-dense reports that gather dust.
"The objective is not the demonstration of technical capability.
The objective is the delivery of clear security assurance that
leadership teams can rely on with confidence."
Greyhat4hire operates with intentionally limited engagement capacity. This is not a constraint — it is a deliberate design choice.
Large consultancies distribute work across teams of varying experience. At Greyhat4hire, Dr Sykes is directly involved in every engagement — from scoping to final report. The person who signs the engagement is the person doing the work.
Strict confidentiality is maintained throughout. Client identities, findings, and engagement details are never disclosed. All work is performed under NDA and within clearly defined legal and ethical boundaries.
Your engagement is handled by Dr Sykes personally — from kick-off through to report delivery and remediation review.
Every engagement is protected by a comprehensive non-disclosure agreement before any information is shared.
All work conducted within clearly defined written scope — no unilateral expansion, no testing of out-of-scope assets.
Engagements are limited. If you're looking for a practitioner who treats your security with the same diligence they apply in a regulated clinical environment — reach out.