CNO Software Engineering
Our team has experience providing both long-term software development life-cycle support and rapid development for quick-response scenarios. We have experience with Windows API, Network, Kernel Driver Development, Linux/Unix Application & Kernel Development, Embedded Systems Development, Secure Software Design, Exploit Development, C, C++, x86 Assembly, Python, Perl, Ruby, Java, and .NET C#.
Our team strives to answer the question “how and why does this work?” Our team of reversers has experience reverse engineering hardware on embedded devices, deconstructing common and proprietary network protocols, and working with x86, x64, and Proprietary Binary File Formats.
Malware & Intrusion Analysis
Our team provides support to Incident Response and Intelligence Analysis missions by performing forensic analysis and analyzing malicious software from Advanced Persistent Threats. We can characterize and recreate cyber attacks, provide an understanding of the attacker’s capabilities and intent, and recommend proactive host and network mitigation strategies. We have specific expertise in Code packing, Obfuscation, Rootkit techniques, Exploit & Shellcode Analysis, Malicious PDFs, Device Drivers, Object-oriented Binaries, Threat & Adversary Characterization, Defensive Mitigation Strategy & Deployment, and Network & Host-based Forensics.
Vulnerability Analysis & Exploit Development
We combine our skills and experience from Reverse Engineering and CNO Software Development to discover and exploit vulnerabilities in networks, software, and systems. We have experience with Software & Protocol Fuzzing, Exploit Development, Penetration Testing, Embedded & Proprietary Systems Security Analysis, and Source Code Review.
Threat/Attack Remediation & Mitigation
We combine our skills in both offense and defense to demonstrate beginning-to-end solutions for protecting against, identifying, containing, responding to, remediating, and mitigating security breaches. Our analysts possess the ability to evaluate operating systems, network protocols, network configurations, and network architectures for vulnerabilities, and have experience with Software & Protocol Fuzzing, Exploit Development, Intrusion Analysis, Penetration Testing, Embedded & Proprietary Systems Security Analysis, and Source Code Review.
Network Analysis & Penetration Testing
Our team of network analysts has a background in white hat or grey hat hacking and enjoys hard challenges and out-of-the-box thinking. We have experience using Metasploit and Kali to gather information about networks and test the network security posture. Our analysts possess the ability to evaluate operating systems, network protocols, network configurations, and network architectures for vulnerabilities.
Computer & Network Forensics
Our team of experienced digital forensic and memory analysts works to help re-create cyber attacks, assist with incident response, and perform malware analysis. They are experienced in using EnCase, FTK, Helix, Wireshark, and Volatility, parsing and analyzing memory snapshots, and working in numerous programming languages such as Python, Perl, and Ruby.
Research & Prototyping
As part of going above and beyond in delivering our services, we perform research for our customers to discover or create innovations that enhance or automate analytic capabilities, increase knowledge of adversarial threats, or enable new CNO capabilities. Some examples of research topics we’ve undertaken include Long-term characterization of Advanced Persistent Threats, Using binary metadata to automate characterization of malware, Tools to automate and facilitate malware reverse engineering, and Exploitability of HTML5 geolocation services.