Our Approach

We know that no one challenge is the same, so we tailor a cohesive approach to meet your specific needs. We integrate cutting-edge research, vulnerability engineering, and offensive threat intelligence with deep national security policy and analytical expertise.

Our Services

Latest Blog Posts

Cyber Militias Redux: Or, "Why Your Boss Might Also Be Your Platoon Leader in China"

Cyber Militias Redux: Or, "Why Your Boss Might Also Be Your Platoon Leader in China"

By Kieran Green · Aug 13, 2025

The Fake IT Worker Triangle: Pyongyang, Moscow, and Beijing

The Fake IT Worker Triangle: Pyongyang, Moscow, and Beijing

By Justin Sherman · Jan 28, 2025

You Can’t Spell WebRTC without RCE - Part 3

You Can’t Spell WebRTC without RCE - Part 3

By Ian Dupont · Aug 12, 2024

You Can't Spell WebRTC without RCE - Part 2

You Can't Spell WebRTC without RCE - Part 2

By Ian Dupont · Jul 26, 2024

You Can't Spell WebRTC without RCE - Part 1

You Can't Spell WebRTC without RCE - Part 1

By Ian Dupont · Jul 19, 2024

Disassembling Dalvik

Disassembling Dalvik

By Evan Richter · May 29, 2024

We know how to detect XZ and we know how to solve it

We know how to detect XZ and we know how to solve it

By Margin Research · Apr 4, 2024

Open Source

Same Same, but Different

Same Same, but Different

By Winnona Bernsen · Feb 29, 2024

Russia’s largest hacking conference: Biggest hits from Positive Hack Days 2023

Russia’s largest hacking conference: Biggest hits from Positive Hack Days 2023

By Justin Sherman · Dec 5, 2023

Emulating and Exploiting UEFI Firmware

Emulating and Exploiting UEFI Firmware

By Joe Lothan · Sep 29, 2023

Resources

Latest Resources

Emulating and Exploiting UEFI Firmware

Emulating and Exploiting UEFI Firmware

One major difficulty of doing low-level security research is the lack of a testing and debugging environments. When

Resources

Grow With Us

Looking to take on some of the most unconventional and next-level security challenges?

See what positions we have open. ↗