During pandemic, we could not travel to customer locations and wanted to continue working on providing quality pentests and incident response services. CompSec Direct created small shippable cyber kits packaged inside PPE containers and has continued to improve this concept. "For us it was simple, adapt or close. While other vendors create large field kits, we [...]
Our President, Jose Fernandez, ran a malware analysis workshop using containers during AvengerCon VII. The event, hosted at Dreamport in Columbia, MD allowed participants to use Kleared4, our disassociated cyber-range, to safely analyze and triage malware samples in a controlled environment. Participants analyzed ransomware samples, and random samples in both Linux and Windows containers. If you [...]
Kleared4 closed-operation fly-away edge kit
Problem: A few months ago, Giancarlo Gonzales, a former CIO for the island of Puerto Rico, indicated the lack of updates towards open-data in data.pr.gov. As part of an open-data initiative, Puerto Rico created its own version of data.gov, called data.pr.gov, which provides free and open access to government information datasets. Giancarlo alluded to the lack of updated [...]
Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download
CompSec Direct has been approved as a Qualified Maryland Cybersecurity Seller (QMCS) by the Department of Commerce of Maryland. This allows us to provide cybersecurity services to qualifying companies under the Buy Maryland Cybersecurity (BMC) program. The program allows companies with 50 employees or less to purchase services and products from approved vendors like CompSec Direct. [...]
The Center of Investigative News (Centro de Periodismo Investigativo) published an excellent summary of events from the situation the department of Hacienda faced in early March of 2017. Our early involvement in this event helped the citizens of Puerto Rico during an already difficult economic situation. We will continue to work with the department of Hacienda [...]
CompSec Direct was asked to provide incident response services to the department of Hacienda, the Treasury department of Puerto Rico, on March 7,2017. The department of Hacienda was experiencing daily losses of approximately $20 million dollars a day due to the severity and impact of ransomware on the government network. CompSec Direct’s president, Jose Fernandez, led [...]
We hosted a training session on remote incident response operation on Oct 7, 2016. The course was provided “pro-bono” through @Obsidis_NGO, participants paid a small registration fee that covered lunch. Students were able to analyze malware on remote systems in a safe and controlled environment using our RIL platform. We want to thank everyone who attended the session and [...]
An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has lead thee researchers to determine a high probability of configuration reuse which leads to easier detection of [...]
