Security Audits

Penetration Testing
Offensive security is our core competency. We excel in using the latest techniques being deployed by adversaries to test your security fully. Cycura goes beyond simple scans and compliance and takes a hand-crafted approach to identifying the weaknesses in networks, applications, websites and control systems. We offer black, grey and white box testing scenarios to help our customers fully understand their exposure to threats. Our penetration testing services are the best method to ensure your security controls and processes are working as designed.

Cycura offers advanced penetration testing services in order to evaluate the security of networks. Unlike many other companies providing penetration testing services, our team does not restrict themselves to the publicly and commercially available tools in order to scan for known vulnerabilities. We use our own custom developed tools and manually explore the attack surface of your network in order to reveal new and previously unknown types of vulnerabilities.

Vulnerability Assessment
Understanding risk begins with understanding the exposures in your networks. Cycura experts have designed and implemented vulnerability management programs in Fortune 500 companies across numerous industries. Cycura offers continuous scanning programs, one-time scans, and customized programs that deliver valuable insight about the attack surface within your organization. We also offer advanced reverse-engineering services to identify vulnerabilities in hardware, software and cloud applications.

Security Architecture and Design
Poorly implemented or designed security controls may be worse than no controls at all. Cycura has security architecture experience across a broad variety of industries, technology platforms and organization sizes. We offer review and consulting services that range from controls audit to complete green-field design and the implementation of solutions.

Code Review
We speak the language of code. Cycura has performed complex reviews of over 3 million lines of code for customers with critical web applications. Our approach is based on a top-down process and architecture review by hand. We develop an expert understanding of how your application works in order to uncover the vulnerabilities and flaws that scripts and automated tools simply can’t.

Intelligence and Data Gathering
The underground economy thrives from the sale of personal, intellectual, financial and health data. Cycura security researchers work tirelessly to monitor and mine the deep web, private chat channels, hacker forums and other illicit services to detect and proactively prevent breaches of client networks.

Forensics and Incident Response

Organizations today are under constant attack. In the event of a breach, data theft or corporate espionage, businesses face questions that only qualified forensic examiners can answer.

Beyond understanding how an event occurred, our forensic examiners support your business with complex compliance and legal issues, and litigation matters. Our experience extends into both cyber-attack response scenarios, and legal proceedings of both a criminal and civil nature. Our management team has a combined 30 years of forensic experience, and has provided expert witness testimony in over 100 court cases.

Cycura employs only the best talent available. Our team has worked with, and provided training for, law enforcement and intelligence agencies from around the world, as well as government and private organizations.

Cycura uses both leading industry forensic software such as EnCase®, FTK, and X-Ways, alongside custom-built tools which allow us to fully assess and uncover issues and vital evidence. Our forensic examiners are certified to work on any type of platform, across any industry.

Our forensic experts follow rigorous procedures designed to Collect, Preserve, Analyze and Present evidence in a court-ready format. All forensic data is handled in accordance with best practices and legal requirements should the need to engage law enforcement arise.

Cycura also provides access to our team of senior security researchers and malware analysts who are capable of reverse engineering the most complex and targeted exploits.

Incident Response
When the worst-case scenario becomes a reality, Cycura brings the best resources to assist. Our Incident Response experts have responded to thousands of events ranging from legal e-discovery and employee fraud to major multi-national data breaches.

We work quickly and effectively to triage, contain and mitigate issues and to restore your business. Our security experts can help your team navigate the challenges of responding to the debilitating effects of a major security attack.

Malware Analysis & Reverse Engineering

Cutting edge research is part of our DNA at Cycura. Our security researchers are advanced malware analysis experts with experience in discovering, containing and reverse engineering targeted threats, and the most sophisticated attack methodologies.
Our team specializes in hands-on methods of disseminating the nature of binaries and exploits. We will not use public sandboxes which may share and trade your information. We handle suspicious files from your organization with care, ensuring privacy and discretion.
Unlike automated solutions that are only capable of mapping out a subset of the behavior of a piece of malware, our experts will be able to uncover any hidden functionality, including time bombs and code that is executed only on specific targets. When trying to determine the objectives, and potentially the identity, of the attackers, the results from this type of in-depth analysis are invaluable.
By analyzing any custom algorithms and network protocols used by the malware in question, we will be able to develop and deploy IDS/IDP signatures in order to detect and block any further attacks using the malware in question, and if network captures are available, we may be able to uncover what the attackers have been able to do before the initial attack was discovered.
We have extensive experience in the following areas:

Malware Analysis
  • Code Obfuscation, and Rootkit techniques
  • Threat and Adversary Characterization
  • Malicious Files, Device Drivers, and Object-oriented Binaries
  • Defensive Mitigation Strategy and Deployment

Reverse Engineering
  • x86, x64, ARM and Custom Binary Analysis
  • TCP/IP & Proprietary Protocols
  • Windows, Linux, Mac and Embedded OSs and Applications
  • ELF, PE, Mach-O and Proprietary Binary File Formats
  • Mobile Applications, including iOS and Android
  • Baseband and Firmware Level Code Analysis

Continuous Monitoring

In order to protect the integrity of networks and assets against targeted attacks, clients need to modernize their information security platforms. The introduction of a Managed Security Service (MSS) which provides continuous monitoring, and alerting to threats and security events will dramatically improve a client’s overall security posture.

Cycura designs, builds and operates customized solutions which provide threat monitoring, breach detection and user behavior analysis. Coupled with our incident response services, we are able to extend and augment the capabilities of your security program or team with our own talented analysts and researchers.

The implementation of our solution will bring together the disparate security information and tools within a client organization to create a holistic view of overall IT security operations and health.

Clients are able to obtain and view information about networked assets and effectively address breaches and/or vulnerabilities. Continuous monitoring is established for external facing assets and internal networks. Cycura monitors to detect unsolicited and unauthorized changes in websites, data leakage, user misconduct and other threats such as malware or APT.

Clients can expect to achieve:
  • Improved IT security posture with next generation detection and prevention capabilities.
  • Access to continuous 24/7/365 monitoring.
  • A highly scalable and capable security monitoring platform which can adjust to changing needs as the client requires.
  • Managed security services that constantly update to detect and prevent the newest threats.

Cycura’s Monitoring Services are offered 24 hours a day, 7 days a week, 365 days a year. Incident Response and access to Cycura’s Forensic Services can be provided within 12 hours of any incident, or as requested by our clients.

Turn your security team into a world class one by leveraging our talented analysts as part of your overall security program. Cycura is the right provider to bring your network and endpoint monitoring to the next level and beyond.

Security Training Services

Cycura can help you build the internal knowledge and skills to bolster your organization’s security practices. Let us train your team to understand complex threats, malware and to reduce the impact of sophisticated attacks. We offer training programs, both basic and advanced in the following fields:
  • Computer Forensics
  • Incident Response
  • Reverse Engineering and Malware Analysis
  • Penetration Testing
  • Enterprise Security (Executive Seminars and Basic Concepts)

Computer Forensics
The goal of any computer forensics department or examination is to identify, collect, preserve, analyze, and present facts and opinions about digital evidence in a repeatable and defendable manner. When the digital evidence has been properly collected and preserved, and the methods of doing so are repeatable and defendable, the forensic examiner’s findings are admissible in court.

Level 1
Covers the following topics:
  • Introduction to Forensics as a science
  • Windows and Mac OSX/Linux File Systems and how data is structured
  • Web browser evidence
  • Exercise Gathering and Activities

Level 2 (5 days ea.)
Covers the following topics:
  • Creating a user activity based timeline
  • Windows registry analysis
  • Volatile memory forensics tips and tricks
  • Introduction to malware analysis

  • How to Build Forensic Capabilities Within Your Organization
  • Conducting Internal Investigations

Incident Response
Incident Response teams were first started in 1988 by the US Government out of a need to respond to global internet issues such as the Morris Worm. The need for a coordinated and concerted effort to mitigate large-scale problems now extends to individual businesses large and small.

Level 1
  • Introduction to Incident Handling
  • Who plays what role
  • Information Gathering
  • Tabletop Exercises

Level 2
  • Running IR Teams
  • Dealing with external forces (senior management, legal, external media)
  • Advanced Evidence Analysis
  • When to cut the ties and get professional help

  • IR Preparedness, BCM and IR
  • Working with Law Enforcement, Legal and Media

Reverse Engineering, Malware Analysis and Exploit Development
Deconstructing malicious code or computer viruses is a highly specialized skillset. Cycura’s team of experts can show you the tools of the trade so that you can begin to take apart the malware, learn more about its true behavior and begin attribution. You won’t just learn the tools, but also the OS internals.

Level 1
Introduction to RE/Malware using:
  • Disassembler – IDA Pro
  • Debugger – OllyDbg, WinDbg
  • System Monitor – Process Monitor, RegShot, Process Explorer
  • Network Monitor – TCP View, Wireshark
  • Packer Identifier – PEiD
  • Unpacking Tools – Qunpack, GUNPacker
  • Binary Analysis Tools – PE Explorer, Malcode Analyst Pack
  • Code Analysis Tools – LordPE, ImpRec

Level 2
Covers some of the following:
  • Learn about CPU architectures
  • Functions, stack frames, heaps, exceptions, important Ring3 Windows internal structures, PE file format
  • Important Windows Internal Structures
  • Different methods to locate the important algorithms

  • Deep dive into the Banking botnets and financial crime

Penetration Testing
Learning the methods used by adversaries to attack computer networks is vital in understanding how to properly defend them. We offer both introductory and advanced courses which explore a diverse set of topics including:

  • Hacking tools and exploits
  • Developing scripts and tools with Python and PowerShell
  • Wireless network hacking and defense
  • Web application vulnerabilities and encryption
  • Threat Modelling
  • Linux exploitation and tools
  • Kernel exploits and rootkits
  • Client-side exploits

Our programs are designed to meet your specific goals, be it general education, or a deep dive into the world of memory exploits.