Empowering Clients to the next level of Cybersecurity

A Cybersecurity Partner You Can Trust

We are Strategists, Engineers, Analysts, and Governance Experts embedded in the world’s biggest cyber missions and trusted to advance them.

Our high standards in servicing clients are exemplified through information security, quality and IT service management certifications, both at individual and organisational levels.
Our Services
Managed Detection & Response

CyBourn’s Managed Detection and Response Service maintains seamless integration with our clients’ IT infrastructure and processes. We deliver optimum levels of hardware and software integration, enabling analysts to rapidly detect threats. Our incident handling process ensures that threat mitigation activity commences immediately following identification.

Managed Detection & Response
Our Services
Penetration Testing

Penetration Testing is a method for gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security, using the same tools and techniques as an adversary might. Penetration testing should be viewed as a method for gaining assurance in your organization’s vulnerability assessment and management processes, not as a primary method for identifying vulnerabilities.

pen-testing
Our Services
Incident Response

Our incident response methodology is designed to provide a common framework for our incident responders to work and interact as part of the SOC eco-system in order to react quickly and effectively to identified threats within infrastructure while coordinating their actions with monitoring and detection teams as well as other incident responders.

incident-response
Our Services
Threat Hunting

Our threat hunting methodology is designed to provide a common framework for our threat hunters to work and interact as part of the SOC eco-system in order to provide focused targeted threat detection and effective continuous improvement to our automated detection and response capabilities.

threat-hunting
Our Services
Cybersecurity Awareness Training

Cybourn builds and executes complex social engineering scenarios to test awareness levels of internal staff. As the number one entry point for data breaches, phishing techniques are very hard to mitigate. The best solution to cope with such threats is maintaining high levels of awareness.

cyber-awareness

Secure your remote workforce

Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, attackers are becoming more innovative, and we are facing the fact that there will forever be more remote workers in the new post-pandemic world.

The latest cyberoffensive intelligence to identify and address security risks

Defending against cyber threats requires an in-depth understanding of how attackers operate. Our extensive experience of conducting pen testing, red teaming and other ethical hacking engagements around the world means we have first-hand knowledge of the latest adversarial tactics and wide-ranging insight into how to safeguard against them.

Incorporating your tools 

CyBourn delivers ultramodern solutions in consultation with our clients’ IT and risk departments enabling a high degree of scalability and customisation. We can utilise existing client tools, or act as security integrators to recommend and implement open-source, commercial, or off-the-shelf products.

CyBourn takes a unique bespoke approach to developing cybersecurity solutions

We deploy SOAR (Security Orchestration, Automation, and Response) solution stack to ensure deep visibility, continuous analysis, and rapid response. If an existing product or solution does not offer the needed level of visibility for you, CyBourn can build custom tools to collect relevant data.

CyBourn leverages bespoke ML algorithms.

CyBourn leverages machine learning algorithms to build network and user behavioural patterns, detect anomalies accurately, perform in- depth investigations, and act swiftly to contain potential threats, enhance proactive analysis, and map behaviour.

Drive decisions through powerful data

Integrate your essential data and information security indicators to empower your data driven decision making and response capabilities with Etherlast.

We offer global coverage

Enabled by our global R&D and continuous internal development process, we cover the entire cybersecurity landscape for enterprises across industries, sectors and geographies.

End-to-end solutions

We live the policies, architectures, and intelligence that define cyber enterprises and operations. Our experts have significant experience in offering state-of-the-art monitoring solutions, best in class incident response services, and tailored strategic cybersecurity consulting.

Secure your remote workforce

Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, attackers are becoming more innovative, and we are facing the fact that there will forever be more remote workers in the new post-pandemic world.

The latest cyberoffensive intelligence to identify and address security risks

Defending against cyber threats requires an in-depth understanding of how attackers operate. Our extensive experience of conducting pen testing, red teaming and other ethical hacking engagements around the world means we have first-hand knowledge of the latest adversarial tactics and wide-ranging insight into how to safeguard against them.

Incorporating your tools 

CyBourn delivers ultramodern solutions in consultation with our clients’ IT and risk departments enabling a high degree of scalability and customisation. We can utilise existing client tools, or act as security integrators to recommend and implement open-source, commercial, or off-the-shelf products.

CyBourn takes a unique bespoke approach to developing cybersecurity solutions

We deploy SOAR (Security Orchestration, Automation, and Response) solution stack to ensure deep visibility, continuous analysis, and rapid response. If an existing product or solution does not offer the needed level of visibility for you, CyBourn can build custom tools to collect relevant data.

CyBourn leverages bespoke ML algorithms.

CyBourn leverages machine learning algorithms to build network and user behavioural patterns, detect anomalies accurately, perform in- depth investigations, and act swiftly to contain potential threats, enhance proactive analysis, and map behaviour.

Drive decisions through powerful data

Integrate your essential data and information security indicators to empower your data driven decision making and response capabilities with Etherlast.

We offer global coverage

Enabled by our global R&D and continuous internal development process, we cover the entire cybersecurity landscape for enterprises across industries, sectors and geographies.

End-to-end solutions

We live the policies, architectures, and intelligence that define cyber enterprises and operations. Our experts have significant experience in offering state-of-the-art monitoring solutions, best in class incident response services, and tailored strategic cybersecurity consulting.

UI2C
UI1C
UI3C
UI2CUI1CUI3C
What’s trending at CyBourn
The Cybersecurity Express – Issue #3
Blog | 2 NOV, 2021
The Cybersecurity Express – Issue #3
You just got your ticket, and you look at your watch: Ugh, you’re late. Your fist tightens the grip on your briefcase as you start running towards the platform. A powerful whistle can be heard as the engine cranks the wheels in motion. You make a dash, grab hold of the rail, and hoist yourself up the wagon door. You made it on board the Cybersecurity Express! In front of you, the schedule reads: ‘Trojan source’ can this be your new nightmare? SQUIRRELWAFFLE, phishing is back, and it’s used to gain access to enterprise networks. Followed by a flaw in macOS found by Microsoft and a new windows LPE zero-day vulnerability found, among others.,‘Trojan Source’ The Stuff of Nightmares,Cambridge University researchers Nicholas Boucher and Ross Anderson published a ,paper, stating that all compilers are subjectable to malicious code injection by threat actors, that goes on without detection. Researchers said that “,the attack exploits subtleties in text-encoding standards such as ,[object Object], to produce source code whose tokens are logically encoded in a different order from the one in which they are displayed, leading to vulnerabilities that cannot be perceived directly by human code reviewers,”. Spotlighted as ,CVE-2021-42574, and ,CVE-2021-42694, they affect compilers of all popular programming languages such as C, C++, C#, JavaScript, Java, Rust, Go, and Python.,This issue takes advantage of ,Unicode’s bidirectional, algorithm which enables support for both left-to-right (English) and right-to-left (Arabic) languages. These, however, can be used interchangeably within the same code and can allow writing left-to-right words inside a right-to-left sentence, or vice versa, thus allowing for software vulnerabilities to be injected in a practically invisible manner, further trickling down the supply chain.,Unfortunately, this is not something that one entity can fix, and will have to be eradicated with an industry joint effort.,Squirrelwaffle, from Spam Campaign to Infection,Researchers uncovered a malspam campaign used to deliver malicious Microsoft Office documents that set the stage for later infection and are “,used to facilitate the delivery of additional malware such as ,[object Object], and ,[object Object],, two of the most common threats regularly observed targeting organizations around the world,”,Mid-September 2021 Talos engineers observed campaigns that tricked users into opening malicious payload by leveraging stolen email threads, making them appear to be replies to existing emails, typically contain hyperlinks to malicious ZIP archives. Interestingly, some sort of dynamic localization is used as the malicious emails are in the same language as detected in the thread to which they respond, making them more authentically convincing.,As it is with human engineering, there is no better protection than a well-informed employee, so make sure you and your colleagues attend those cybersecurity briefings.,MacOS Vulnerability Found by … Microsoft?!,In stranger news, it seems it’s more lucrative to find vulnerabilities in someone else’s back yard, rather than in your own. The so dubbed ,‘Shotless’, flaw is already accounted for as ,CVE-2021-30892, and fixed with macOS Monterey Patch 12.0.1. This vulnerability allows attackers to bypass System Integrity Protection (SIP) and perform malicious activities, like gaining root privileges and installing rootkits on the device.,System Integrity Protection,, also referred to as rootless, is a macOS security feature introduced in OS X El Capitan, in 2015, that restricts a root user from performing operations that may compromise system integrity. Only processes signed by Apple are allowed to modify those protected parts of the OS.,“While assessing macOS processes entitled to bypass SIP protections, we came across the daemon system_installd, which has the powerful com.apple.rootless.install.inheritable entitlement. With this entitlement, any child process of system_installd would be able to bypass SIP filesystem restrictions altogether.”, ,saidMicrosoft.,Microsoft even made a proof-of-concept (POC) exploit to override the kernel extension exclusion list:,
  • Download an Apple-signed package (using ,[object Object],) that is known to have a post-install script
  • ,
  • Plant a malicious ,[object Object], that would check for its parent process; if it’s ,[object Object],, then it would write to restricted locations
  • ,
  • Invoke the ,[object Object], utility to install the package
  • ,null,
    Microsoft PoC execution. Copyright Microsoft
    ,LPE Zero-day Vulnerability in Windows,While Microsoft is busy finding vulnerabilities in other vendor software, researchers are finding vulnerabilities in Windows, it’s only fair. Back in August, Microsoft patched “Windows User Profile Service Elevation of Privilege Vulnerability” – ,CVE-2021-34484,. After examining the fix, researchers were able to bypass it with a new exploit that was published on GitHub, claiming that Microsoft only fixed what was the result of the PoC, but didn’t handle the underlying issue. This exploit will cause an elevated command prompt with SYSTEM privileges to be launched while the ,User Account Control, (UAC) prompt is displayed. The severity of this bug is downplayed by the fact that the attacker must already have two user credentials to be able to pull this off.  ,We have arrived back at the station and in conclusion…,What exciting stops we have had today, but everything must draw to an end, the train must head back to fuel for new and exciting destinations, but not before visiting a few noteworthy events in the world of cybersecurity:,
  • [object Object], malware found to have infected over 1.6 million devices, mostly from China, is one of the largest botnets ever to be observed.
  • ,
  • Microsoft manages to break network printing again with KB5006674 and KB5006670 updates. Until patched, they are advising that network security and VPN solutions allow print clients to establish RPC over TCP connections to print server over the following port range:,[object Object],[object Object],[object Object]
  • ,
  • Make sure to install the latest Chrome patches as they address two actively exploited 0-day bugs.
  • ,We hope you enjoyed traveling onboard the Cybersecurity Express and we await your return.,Until next time, stay safe!
    The Cybersecurity Express – Issue #2
    Blog | 29 SEP, 2021
    The Cybersecurity Express – Issue #2
    You made it just in time, for the second departure of the Cybersecurity Express. The whistle blows, wheels start spinning, so thus the journey begins! Today we will make a stop at “Dark Basin” – a massive Hack-For-Hire operation ,uncovered, by ,Citizenlab,, a scandal on which, ,CyBourn’s, very own, Ashwin Jayaram, CyBourn CEO, was interviewed by the New York Times. Our second stop is an Azure active directory flaw that allows for unlimited password guessing. Lastly, a brand-new way malware can use to escape detection on Windows.,Dark Basin – “You desire, we do”,That literally is their slogan – “You desire, we do”. An Indian company, ,BellTroX InfoTech, has been linked with ,massive Hack-For-Hire operation, uncovered by ,Citizenlab,. Talking about hiding in plain sight… ,Dark Basin, is a hack-for-hire group that has targeted countless individuals and institutions. Targets include advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries, many of which being organizations working on a campaign called ,#ExxonKnew,, which claims that ExxonMobil hid information about its impact on climate change for decades.  ,“The lawsuit filed last month in Federal Court in North Carolina, by an Iranian aviation executive, Farhad Azima, alarmingly alleges collaboration between a web of international law firms, private investigators and hackers in India, claiming that such tangled relationships are common in hacking for hire schemes, so that intermediaries can be used to obfuscate who may be ultimately responsible for a hacking attempt and make it difficult for investigators to peel back the layers to the ultimate source. Hacking for hire schemes clearly fall foul of section 43 of the IT Act and shall constitute “unauthorised access”, What action is taken legally against such activities mushrooming in India could actually determine if the country’s famous IT Sector retains it global reputation or gets a bad name.”, says Salman Waris, Partner at ,TechLegis,.,Through tedious collaboration with dozens of targeted organizations and individuals, using a mix of open-source intelligence and investigations and some good old journalism, Citizenlab was able to link Dark Basin’s activity, with high confidence, to individuals working at an Indian company named BellTroX InfoTech Services (and possibly other names)”. It seems that BellTroX’s director, Sumit Gupta, despite being ,indicted in California in 2015, for his role in a similar hack-for-hire, is still in this dirty business.,The investigation revealed a combination of Timestamps UTC+5:30(India time zone), URL shorteners and copies of a phishing kit source code available openly online that all pointed to BellTroX involvement. Not to mention that some employees utilized personal information as bait content when testing their URL shorteners, information also left publicly available. Don’t be so quick to this is think sloppy work, because they also made social media posts taking credit for attack techniques containing screenshots of links to Dark Basin, so they were mostly bragging about their endeavors, probably to gain notoriety in that “line of work”.,Organizations such as: ,Rockefeller, Family Fund,, ,Greenpeace,, ,Center for International Environmental Law,, ,Union of Concerned Scientists, (just to name a few) gave consent to be publicly disclosed as being targets of the attackers. Many other companies prefer to remain anonymous.,The perpetrators went so far as to makings websites that look identical to popular online web services such as Google Mail, Yahoo Mail, Facebook, and others.,If you are an organization fighting against big oil moguls, or find any common goals as the organizations targeted, It’s best you use the IOCs released by Citizen on ,github, to check if you were/are a target of the malicious group.,Some of the useful information on ,github, includes:,
  • Domain registrations like: maiil.u.1.serviice-maiil.rpsnv.11-ct-13475230763454343764-rver.6.1.6206.1.5.rver.6.1.6206.0-wp-mbi.wreply-https
  • ,
  • MISP export of IDS rules – optimized for snort
  • ,
  • Malware indicators
  • ,
  • Emails used in phishing campaigns
  • ,Azure Active Directory password bug,Researchers gave word of a recently discovered flaw in the protocol used by Azure Active Directory ,Seamless Single Sign-On ,service that allows for continuous brute-force of an AD user’s credentials. And if “That sounds impossible!” you may say, it’s because these attempts aren’t logged on to the server. Usual anti brute-force mechanisms rely on logs and specific error codes.,“This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory without generating sign-in events in the targeted organization’s tenant,” explain the researchers.,Seamless SSO allows users access to Azure AD without the need of credential input if they are in the networked premise. “This feature provides your users easy access to your cloud-based applications without needing any additional on-premises components,” ,explains Microsoft,.,Here’s a short version of how the Seamless SSO mechanism is vulnerable:,
  • A computer object named AZUREADSSOACC is created in the on-premises Active Directory (AD) domain and is assigned the service principal name (SPN)
  • ,
  • The object name and the password hash of the computer object are sent to Azure AD.
  • ,
  • The following autologon endpoint called “windowstransport” receives a ,[object Object], tickets and Seamless SSO occurs automatically without any user interaction
  • ,
  • There is a ,[object Object], endpoint at ,[object Object], that accepts username and password for single-factor authentication, for which an XML file containing their username and password is sent to this usernamemixed endpoint.
  • ,
  • If the username and password are a match, authentication succeeds, and the Autologon service responds with XML output containing an authentication token, if it fails, only an error message is generated in that XML output.
  • ,These authentication steps of Autologon to Azure AD are not logged, thus allowing threat actors to utilize the usernamemixed endpoint for undetected brute-force.,Microsoft is considering this a “design choice”, not a vulnerability and it’s unclear if the flaw would be fixed. Until then, organizations are at risk of sneaky brute-force attacks. Maybe we need to use passwords longer than the cybersecurity train?!,Undetectable Malware on Windows,Google cybersecurity researchers ,revealed, a new technique adopted by threat actors to conceal malicious payloads using malformed digital signatures.,The usual technique involves using illegally obtained digital certificates to sneak adware and other unwanted software past malware detection tools, by masquerading as legitimate software or by embedding the attack code into legitimate digitally signed software components. This new technique stands out for its intentional use of malformed signature to give defenses the old slip. This was observed with a known family of ,adware, called ,OpenSUpdater,, where most of the targets of the campaign are users who are prone to downloading cracked versions of games and other grey-area software. “Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code – which is used in a number of security scanning products,” ,said, Google Threat Analysis Group’s Neel Mehta, “This is the first time TAG has observed actors using this technique to evade detection while preserving a valid digital signature on PE files”. The artifacts are signed with an invalid leaf ,X.509 certificate, that’s edited in such a manner that the ‘parameters’ element of the ,SignatureAlgorithm, field included an End-of-Content (EOC) marker instead of a NULL tag.,Some antivirus engines were able to detect the malware, Windows Defender being one of them. Other reputable antivirus companies need to implement changes so that their software also detects this kind of threat.,                As the Cybersecurity Express starts heading back to the depo, we still catch a glimpse of this subject: “Not less than 11 vulnerabilities disclosed in Nagios network management systems, that allow attackers remote code execution with the highest privileges and more! Make sure to keep exploits at bay with ,updates, in Nagios XI 5.8.5 or above, Nagios XI Switch Wizard 2.5.7 or above, Nagios XI Docker Wizard 1.13 or above and Nagios XI WatchGuard 1.4.8 or above systems”. For updates like this, that are posted within 24 hours of their disclosure, make sure to follow ,CyBourn, on ,LinkedIn, and ,Twitter,. Hope to see you onboard again, soon.
    The Cybersecurity Express
    News | 16 SEP, 2021
    The Cybersecurity Express
    CyBourn, is launching the Cybersecurity Express, bringing you trending subjects in sizeable chunks! Hop aboard and let us take you on a journey of what’s happened during the past days in the trilling world of Cybersecurity. Mind the gap and keep your limbs and heads inside the vehicle at all times, because we are passing at high speed through attacks, zero-day vulnerabilities and exciting news.,We are now arriving at our first destination:,Microsoft Releases patch for Office 365 zero-day attacks,You may be familiar with Microsoft disclosed vulnerability ,CVE-2021-40444,, in which Windows Server 2008 through 2019 and Windows 8.1 through 10 systems are susceptible to attack via a malicious ActiveX control used by a Microsoft Office document that hosts the MSHTML browser rendering engine.,A patch has been released on September 14,th,, this mitigation method being advised above all other workarounds proposed by specialists so far: having “protected mode” on, modifying registry keys etc. The widows updates are a must, after the mitigations proposed by Microsoft were bypassed successfully and the attack ,was carried out, even with files ,that have no MoTW, (Mark of the Web) flag, for which “protected mode” does not apply.,We can only hope this patch put an end to the ActiveX nightmare for good and eliminates all other bypass possibilities. See the ,vulnerability official page,, “Security Updates” section for more information on the cumulative updates, which also address other ,60 vulnerabilities, (86 including Microsoft Edge), fixing one bonus unexploited zero day: ,CVE-2021-36968, – Windows DNS Elevation of Privilege Vulnerability,Microsoft Azure’s “OMIGOD” and “ChaosDB” vulnerabilities,“OMIGOD”,Impacting Azure Linux virtual machines that use the ,Open Management Infrastructure, (OMI). This utility is intended to function similarly to Windows WMI service allowing for collection of logs and remote management commands. OMI is built to require authentication, binding commands to a user ID, but a bug allows for malformed requests that manage to skip the authentication phase and are interpreted as coming from root. Even worse, the tool can be configured for remote management, whilst running an HTTPS server on port 5986 which can be connected to with a standard HTTPS client like curl and receives XML-derived ,SOAP, protocol commands. A compromised system will allow the attacker to run arbitrary commands as root using OMI syntax. More so, if OMI is configured to  listen on a network port, the attacker can use that get control of other virtual machines on the same network.,CVEs issued being tied to this OMI utility exploit:,
  • [object Object], – Unauthenticated RCE as root (Severity: 9.8)
  • ,
  • [object Object], – Privilege Escalation vulnerability (Severity: 7.8)
  • ,
  • [object Object], – Privilege Escalation vulnerability (Severity: 7.8)
  • ,
  • [object Object], – Privilege Escalation vulnerability (Severity:  7.0)
  • ,Not all hope is lost, to mitigate this threat you can use your platform’s package tool to upgrade OMI, with commands such as: “,sudo apt-get install omi,”, to the the latest version ,v1.6.8-1, of the software. You can first check to see if you are vulnerable by connecting to your Azure VMs and run the commands below to see the OMI version installed:,
  • Debian systems: ,[object Object]
  • ,
  • Redhat systems: ,[object Object]
  • ,In the cases where OMI listens on TCP ports, limiting access to these ports via Linux firewall, is advised. A global firewall deny rule, with allow rules only for specific machines that need to access a given service is always a good measure.,“Chaos DB”,This may be old news, as it was reported to Microsoft back in August, still poses a major threat, because any Cosmos DB account that had Jupyter Notebook enabled could be compromised. Microsoft security teams took immediate action to disable the notebook service, right after the critical vulnerability was reported to them. Remediated or not, users are still required to perform mitigation steps due to the risk that their Cosmos DB primary keys were obtained by malicious actors.,Using a chain of vulnerabilities in the Jupyter Notebook feature of Cosmos DB, an attacker can query information about the target, obtaining a set of credentials that can be used to view, modify, and delete data in the Cosmos DB account.,Follow this ,Microsoft guide, to regenerate your Cosmos DB Primary Key, should this mitigation be applicable in your organization.,Approaching our final stop:,‘Azurescape’, a first Kubernetes container escape,Microsoft keeps making the headlines, with yet another critical vulnerability discovered, “the first cross-account container takeover in the public cloud” researchers say.,A malicious Azure actor could compromise the multitenant ,Kubernetes, clusters hosting ACI, establishing full control over other users’ containers, enabling him to steal customer secrets and images deployed to the platform, and possibly abuse ACI’s infrastructure for cryptomining. By deploying a ,WhoC, to ACI, researches managed to read the container runtime and were shocked to find ,runc, version v1.0.0-rc2, released way back in October 2016, known to be vulnerable to at least two container breakout CVEs. All that was left was to modify a PoC container image and deployed it to ACI to get a reverse shell running as root on the Kubernetes node. Once here, they monitored the traffic on Kubelet port 10250 for a request that includes a JWT token in the authorization header. Used the, az container exec, to run a command on the uploaded container, resulting in the bridge pod sending an ,exec ,request to the Kubelet on the compromised node. Finally, back on the node, they extracted the bridge token from the request’s authorization header and used it to pop a shell on the api-server. Voilà!,Consequently, Microsoft released a patch to ACI. The bridge pod no longer sends its service account token to nodes when issuing ,exec, requests, preventing the reported cross-tenant attack. Also the bridge now verifies that a pod’s ,status.hostIP, field is a valid IP before sending an exec request.,It’s been a rough month for Microsoft, but this is the way of the digital world today. Before we end, here are some mention worthy events:,
  • Apple fixes “zero-click”, iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
  • ,
  • Russian ransomware Group REvil Back Online After 2-Month Hiatus
  • ,
  • Coincidentally, ransomware attack hit South African Justice Department and medical technology giant Olympus, however with no ties to latter mentioned group.,[object Object]
  • ,Thank you for riding in the Cybersecurity Express, please don’t forget to take any personal belongings and stay safe by installing updates and patches regularly. Thank you for hitching a ride on the ,CyBourn, Cybersecurity Express. Hope to have you on board for our next departure, soon!
    CyBourn Announces the Launch of Their New Website
    News | 15 APR, 2021
    CyBourn Announces the Launch of Their New Website
    We are very excited to announce the launch of our newly designed website.,After months of hard work and dedication from ,Insomniac Design,, we are delighted to officially announce the launch on 22 March 2021. We wanted to make the new website faster, easier to navigate, and more user-friendly.,As a leader in the cybersecurity industry, it is important for us to make information regarding our thought leadership, services, and trends easily accessible for our current and prospective clients. We endeavour to provide our clients with the most accurate, up-to-date information and share our knowledge and expertise in the field of cybersecurity, MDR, penetration testing and cybersecurity awareness training.,Our goal with this new website is to provide our visitors an easier way to learn about CyBourn’s services and to browse information based on their own choice of blogs, news, or press. The new website gives better access to information about our services, as well as improved pages for our partners and a forthcoming Knowledge Centre hub.,Our current and prospective clients will find useful information about our services on the homepage of our website. Amongst the new features the site contains integrated social media buttons for ,Facebook,, ,Twitter, and ,Linkedin, to foster improved communication on social media. We will be constantly updating our content with helpful information, cutting edge thought leadership, company announcements and client successes in the Blog, News and Press section.,We would also like to thank ,Insomniac Design, for their hard work and energy to make this site what it is – we wholeheartedly recommend them! If you have any questions, suggestions, feedback, or comments on our new site please ,contact us,.,
    null

    Tell us about your Cybersecurity needs

    We are strategists, engineers, analysts, and governance experts embedded in the world’s biggest cyber missions and trusted to advance them. Let us help you today.