zero-day

/zero-day

Enemy of the state

A case study in Penetration Testing

We haven’t been blogging as much as usual largely because we’ve been busy hacking things.   So, we figured that we’d make it up to our readers by posting an article about one of our recent engagements. This is a story about how we covertly breached a highly sensitive network during the delivery of a Platinum level Penetration Test.

First, we should make clear that while this story is technically accurate certain aspects have been altered to protect our customer’s identity and security. In this case we can’t even tell you if this was for a private or public sector customer. At no point will ever write an article that would put any of our customers at risk. For the sake of intrigue lets call this customer Group X.

The engagement was designed to produce a level of threat that would exceeded that which Group X was likely to face in reality. In this case Group X was worried about specific foreign countries breaching their networks. Their concern was not based on any particular threat but instead based on trends and what we agreed was reasonable threat intelligence.   […]

Exploit Acquisition Program Shut Down

We’ve decided to terminate our Exploit Acquisition Program (again).   Our motivation for termination revolves around ethics, politics, and our primary business focus.  The HackingTeam breach proved that we could not sufficiently vet the ethics and intentions of new buyers. HackingTeam unbeknownst to us until after their breach was clearly selling their technology to questionable parties, including but not limited to parties known for human rights violations.  While it is not a vendors responsibility to control what a buyer does with the acquired product, HackingTeam’s exposed customer list is unacceptable to us.  The ethics of that are appalling and we want nothing to do with it.

While EAP was an interesting and viable source of information for Netragard it was not nor has it ever been Netragard’s primary business focus. Netragard’s primary focus has always been the delivery of genuine, realistic threat penetration testing services.  While most penetration testing firms deliver vetted vulnerability scans, we deliver genuine tests that replicate real world malicious actors.  These tests are designed to identify vulnerabilities as well as paths to compromise and help to facilitate solid protective plans for our customers.

It is important to mention that we are still in […]

Selling zero-day’s doesn’t increase your risk, here’s why.

The zero-day exploit market is secretive. People as a whole tend to fear what they don’t understand and substitute fact with speculation.  While very few facts about the zero-day exploit market are publicly available, there are many facts about zero-days that are available.  When those facts are studied it becomes clear that the legitimate zero-day exploit market presents an immeasurably small risk (if any), especially when viewed in contrast with known risks.

Many news outlets, technical reporters, freedom of information supporters, and even security experts have used the zero-day exploit market to generate Fear Uncertainty and Doubt (FUD).  While the concept of a zero-day exploit seems ominous reality is actually far less menacing.  People should be significantly more worried about vulnerabilities that exist in public domain than those that are zero-day.  The misrepresentations about the zero-day market create a dangerous distraction from the very real issues at hand.

One of the most common misrepresentations is that the zero-day exploit market plays a major role in the creation of malware and malware’s ability to spread.  Not only is this categorically untrue but the Microsoft Security Intelligence Report (SIRv11) provides clear statistics that show that […]

Exploit Acquisition Program – More Details

The recent news on Forbes about our Exploit Acquisition Program has generated a lot of interesting speculative controversy and curiosity. As a result, I’ve decided to take the time to follow up with this blog entry. Here I’ll make a best effort to explain what the Exploit Acquisition Program is, why we decided to launch the program, and how the program works.

What it is:
The Exploit Acquisition Program (“EAP“) officially started in May of 1999 and is currently being run by Netragard, LLC. EAP specifically designed to acquire “actionable research” in the form of working exploits from the security community. The Exploit Acquisition Program is different than other programs because participants receive significantly higher pay for their work and in most cases the exploits never become public knowledge.
The exploits that are acquired via the EAP are sold directly to specific US based clients that have a unique and justifiable need for such technologies. At no point does Netragard […]

Load More Posts