The mission of CyberPoint's Security Research Team (SRT) is to improve the security knowledge and capabilities of our community, our customers, our products, and our programs.
A public-facing research unit that works on relevant challenges within information security (infosec), we specialize in vulnerability research, malware analysis, threat intelligence, and technical evaluation. Our team's been doing this kind of work for years. They're passionate about it on both a professional and a personal level, and they're excited to do research that helps our customers and the larger community.
Vulnerability Research. We discover and responsibly report vulnerabilities to vendors, and we work with them to ensure their patches are effective. We develop tools that support vulnerability research and reverse engineering. We monitor relevant public trends, and we prototype new exploits for publicly disclosed vulnerabilities. We participate in capture-the-flag events, and we reverse engineer patches for greater insight into their efficacy and urgency. And we run on-going audits of software and hardware for vulnerabilities we derive from a prioritized research list.
For our customers, we perform deep-dive vulnerability research into their areas of concern or scenarios of interest. We do penetration testing, and we bring to it our advanced vulnerability-research tool development and distinctive tactical expertise. We support incident response for anyone who needs infosec experts in their corner to help them get through dark days following a data breach or cyber attack.
Malware Analysis. We monitor the public malware space for novel techniques and toolkits, and we contribute samples, bugs, and feature requests to CyberPoint's DarkPoint development staff. We obtain and analyze malware of interest, and we maintain a repository of that malware in DarkPoint. We develop prototype tools that support malware analysis and reverse engineering.
For our customers, we perform deep-dive analysis of samples or scenarios they provide or inquire about. We repurpose interesting components of malware for the purpose of evaluating defense solutions.
Threat Intelligence. We develop and deploy unique sensors to keep abreast of the evolving hostile Internet landscape. We aggregate multiple sources and feeds of data into a central repository to enable analytic processing of the dynamic data. We develop open-source intelligence (OSINT) and tools to identify trends relevant to modern threats.
For our customers, we support incident response with repository querying and analysis. We also respond to customer inquiries about a wide-array of infosec topics.
You'll find regular reports in our blog, on Github and other community sites, and in our research presentations. We're always looking for partners and collaborators, so feel free to reach out. Contact us.