CyberPoint Labs

Research: advancing the discipline of cyber security, and solving the industry's hard problems along the way.

CyberPoint Labs is our industrial research and development activity—advancing the discipline of cyber security by attacking and solving the hard problems of the field. It performs cutting-edge research in cyber security, develops new technologies and product prototypes, invents new tools for our customers, and focuses our relationship with research universities. (Our principal university research partner is the University of Maryland.)

Research Areas

The lab's three research areas are: Applied Mathematics, Data Science, and Security. Applied Mathematics encompasses topics like program analysis, algorithm optimization, cryptography, and other applications of mathematics to cyber security. Data Science covers such areas as high-performance computing, big data, data visualization, analytics, modeling and simulation, pattern recognition and machine learning. Our security research addresses secure software design, application and system security analysis, malware analysis, vulnerability discovery, and software reverse code engineering.

Multidisciplinary Imagination & Expertise

Multi-disciplinary and flexible in composition, CyberPoint Labs employs people who shine in their fields: electrical engineers, computer scientists, biologists, applied mathematicians, logicians, physicists, software engineers, network scientists, visualization experts, high-performance computing experts, malware analysts, reverse engineers, and security researchers.

Products Emerging From Research

Innovative products like DarkPoint and CyVaR have emerged from CyberPoint Labs. Our disciplined research program will continue to pioneer new technologies and deliver a deeper understanding of the cyber domain.

Some of What We Do


The research efforts of CyberPoint Labs have led to the development of a number of new products and technologies offered by CyberPoint.

Similarity Search and Malware Prioritization: a patented contribution to a faster and more efficient way of processing files to detect malware. By comparing unknown samples with known malware, our process enables analysts to determine swiftly which pieces of potentially malicious code should be given priority for further analysis and, if necessary, reverse engineering.

DarkPoint: a malicious digital artifact identification and analysis tool. It employs advanced machine learning algorithms and expert systems to simplify and accelerate malicious digital artifact (file, program, document, image, link, script, etc.) detection, analysis, and remediation.
Learn more.

CyVaR: A decision support product that quantifies an organization's financial risk exposure to cyber attacks. CyVaR enables executives to see the financial impact of vulnerabilities and potential security incidents. It also arms them with the information they need to make smarter business decisions and manage risk.
Learn more.


Zach Miller presented at AFCEA on Wednesday, 17 June from 11:15 am – 11:45 am. Visit event website.

CyberPoint presented at the Malware Technical Exchange Meeting (MTEM) 2015 at MIT Lincoln Labs on June 17-19. Visit event website.

Dale Robson presented at Jailbreak Security Summit hosted at Jailbreak Brewing Company entitled Mac Sandboxes and Malware. Click here to download the presentation, or see the video on the CyberWire event coverage page.

Ian Blumenfeld gave a talk on on using constraint solving techniques through the Cryptol domain specific language to prove properties about cryptographic specifications at the UMBC Cyber Defense Lab biweekly seminar in May 2015

CyberPoint gave a talk at the 2014 Malware Technical Exchange Meeting (MTEM) presenting some of CyberPoint Labs' work with similarity metrics for analysis of malware datasets. Visit event website.

CyberPoint Labs' Dr. James Ulrich presented a talk at FLOCON 2013 on Cyber Value at Risk (or CyVaR for short), a methodology for estimating the dollar value of risk to an IT infrastructure based on cyber security trade-offs. CyberVaR uses dynamic Bayesian networks, monte carlo simulation, and attack trees to attempt to quantify cyber security risk.
Learn more.

CyberPoint Labs gave a talk at HCSS 2013 on applying techniques from SMT solvers to trace-based analysis of packed malware. CyberPoint conducts research in malware analysis, program analysis, and reverse engineering.
Learn more.

Open Source

libpgm is a Python library that provides tools for modeling large systems with Bayesian networks. Using these tools allows for efficient statistical analysis on large data sets using Bayesian Networks.
Learn more.

libem is a C++ codebase using OpenMP and MPI to accelerate the training of Gaussian Mixture Models and adapted Gaussian Mixture Models on distributed memory architectures.
Learn more.

White Papers

Read the white paper on Cyber Value at Risk (or CyberVaR for short), a methodology for estimating the dollar value of risk to an IT infrastructure based on cyber security trade-offs.
Download the white paper.

Academic Partners

The University of Maryland (UMD) and CyberPoint International, LLC, (CyberPoint), entered into a partnership to establish collaborative activities in cybersecurity. The partnership promotes cybersecurity education and research through the Maryland Cybersecurity Center (MC2).
Learn more.