CompSec Direct gets press mentions for cybersecurity expertise
CompSec Direct Executive Team with a a Kleared4 Edge unit. Picture taken by R. Fernandez. We were interviewed in 2021 by El Nuevo DÃa, a local newspaper in Puerto Rico. Some the of the issues we have mentioned are starting to take impact on how businesses mature operations by making investments into staffing. Some the of [...]
Ransomware: Hacienda of Puerto Rico
We are publishing a redacted case study related to the ransomware event that occurred at Hacienda of Puerto Rico. Although some elements have been removed from this case study, and a previous redacted case study concerning our involvement as Incident Response leads, it seems industry has not been able to adapt and improve it's resilience against [...]
Kleared4 closed-operation fly-away edge kit
We have started integrating closed-operation fly-away edge appliances with Kleared4, our disassociated cyber-operations, and proofing environment. #PCOE #PCTE #CyberRange Unlike other fly-away kits, this one is designed to operate completely closed! This model uses a Pelican 1200 case with a small Linux based PC. We recently used the device during a remote assessment on the other [...]
CompSec Direct wins firmware analysis prototype event held at Dreamport
After placing 5th on a previous challenge, we were happy to place 1st on a subsequent firmware challenge. We improved our process, provided analysis and emulation findings to set us apart from the rest. Please visit https://dreamport.tech/events/event-rpe-the-broken-gear-in-the-watch-02.php for more information on the technical aspects of this challenge.
Non-attribution classification model published
The proposed model was published on the Military Cyber Professional Association (MCPA) 2020-2021 magazine. Although the author used humor in this publication; no standardized model currently exists to technically vet and verify how non-attribution is achieved. Instead, we opted to classify links starting from a point of origin and how this is perceived on receiving end [...]
BSides PR 2019 Wrap-Up: It starts with you
Our President, @jfersec, had the privilege of Keynote during BSides PR 2019. During our presentation, we discussed some hard truth's around: the way DeepFakes and "WeakFakes" are utilizedhow we are good imitators and bad innovators in Puerto Ricopast efforts associated with Accelerated Disclosures for public and private companies in Puerto Ricoflaws associated with contract negotiations with [...]
CTF-Pasteables
"Typing Kills", so even if you do not agree with this; it's true. Operator error grows the more you type. It's akin to "measure twice, cut once". In Capture the Flags (CTF's), we often redo the same methodology and the only thing we change are network variables and usernames, the syntax remains constant. Over the years, [...]
Case 1
Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download
CompSec Direct now approved Cyber-security vendor in Maryland
CompSec Direct has been approved as a Qualified Maryland Cybersecurity Seller (QMCS) by the Department of Commerce of Maryland. This allows us to provide cybersecurity services to qualifying companies under the Buy Maryland Cybersecurity (BMC) program. The program allows companies with 50 employees or less to purchase services and products from approved vendors like CompSec Direct. [...]