On July 17 2025, we received an email from an IC company. Thing is, we can’t be sure about emails like this since we do Business Development (BD), but none of us knew the person sending the email and the Request For Information or RFI seemed odd. Figure 1: Email with suspicious link: https[:]//siliconoasis.co/connected Our President, [...]
CompSec Direct ran Breach Village during a local BSides conference. "We wanted Breach Village to showcase real-problems and not the made up scenarios people see in Capture the Flags events. Realism and modern problems in cyber security are difficult to showcase into a fun learning environment" said Jose Fernandez. Breach Village used our Kleared4 cyber range [...]
CompSec Direct developed an AI powered phishing rater to determine how impactful a phishing email or text is. We created a simple to use interface powered by a well designed framework to accurately measure phishing communications across multiple industries. Our AI system operates using local large learning models (LLMs) as opposed to online services from GPT [...]
During pandemic, we could not travel to customer locations and wanted to continue working on providing quality pentests and incident response services. CompSec Direct created small shippable cyber kits packaged inside PPE containers and has continued to improve this concept. "For us it was simple, adapt or close. While other vendors create large field kits, we [...]
Our president was able to teach over 200 participants at six cyber security focused conferences in an full-day workshop. Participants used Kleared4, our US made and hosted cyber range to analyze malware samples in a safe environment. "The best part about our range is that we provide all users a way to use real-world threats in [...]
We are providing our case study on echoraix, a ransomware group that targets network connected storage appliances from QNAP and Synology. Please share this case study with others and contact us for similar case studies, or related protection services. CompSec-Direct-echoraix-report-Apr-6-2024
🕵Our President, Jose Fernandez will run our Using containers to analyze malware at scale (UCTAMAS) workshop at BSidesNoVA on Sep 8, 2023. This is the 4th run of this workshop which takes participant feedback to improve each iteration in technical content and delivery of workshop objectives.👨💻 If you are interested in containers, malware analysis and red [...]
Our President, Jose Fernandez, ran a malware analysis workshop using containers during AvengerCon VII. The event, hosted at Dreamport in Columbia, MD allowed participants to use Kleared4, our disassociated cyber-range, to safely analyze and triage malware samples in a controlled environment. Participants analyzed ransomware samples, and random samples in both Linux and Windows containers. If you [...]
CompSec Direct is Microsoft recognized for firmware analysis. This is a new specialization within the Defender for IoT ecosystem of Microsoft's security portfolio. We can help your organization find vulnerabilities within your IoT devices and prioritize changes to ensure resilience within your IoT equipment.
Ransomware: Hacienda of Puerto Rico
