SPEAK WITH AN EXPERT

CyberProof Acquires Interpres Security

A Gartner distinguished vendor in Continuous Threat Exposure Management (CTEM) and Automated Security Control Assessments (ASCA).

Read More
 CyberProof, a UST company, and Interpres logos on a black background, showcasing their strength in cyber security.

Better Security, Together

Our worldwide security operations teams work closely with your enterprise security organization, collaborating to deliver better security together, to protect you today against tomorrow’s threats.

 invisible

AI In Action

CyberProof put AI into actionable insights, by augmenting security operations through AI powered virtual assistance to deliver better security, together services.

Cloud First Security

CyberProof is a cloud first security operations company, enabled through key cloud partners, to help deliver the most cutting edge security services to help protect your enterprise.

 invisible

Detect, Respond, Adapt – Everywhere

CyberProof’s MXDR platform powered by AI adapts the most complex evolving threat landscape, continuously aggregating threat intelligence and responding, identifying and mitigating risk within your enterprise.

SecOps & Risk mitigation

Tailored threat intelligence

CyberProof uses OSINT and threat intelligence feeds for visibility into threats.

Use case management

CyberProof’s adaptable playbooks address continuously evolving threats with updated strategies.

Advanced threat hunting & security operations

Professionals manage sophisticated networks, leveraging experience to counter advanced threats.

Advanced threat hunting

Professionals manage sophisticated networks, leveraging experience to counter advanced threats.

Incident response retainer

24/7 global SOC support ensures incident response with guaranteed SLA.

Incident response retainer

24/7 global SOC support ensures incident response with guaranteed SLA.

Data security

CyberProof develops recovery plans, restoring capabilities after a cyber incident.

Asset management and classification

Classify and manage enterprise assets, understanding risks and data sensitivity.

Manual & automated penetration testing

Non-destructive tests uncover potential exploits in assets and applications.

Security awareness & training

Mitigate security issues early with CyberProof’s training and awareness programs.

Application security (AppSec)

Rigorous security assessment for on-premise and cloud applications to ensure protection.

Identity & access management (IAM)

IAM manages user access, monitors for anomalies, ensuring security.

Cloud security posture management (CSPM)

Cloud First approach ensures compliance and security within cloud environments.

Security platform management

Managed service for SIEM, EDR, MXDR, and threat intelligence solutions.

Vulnerability management (VM)

Identify, assess, and mitigate security vulnerabilities through regular scanning.

Partners

HyperScaler Cloud Native SIEM
SIEM Platforms
EDR
VM
IT/IOT
Threat Intel
Breach & Attack
See all partners

“Today I have complete visibility into the entire environment, in real time”

Jamil Farshchi | Equifax CISO

Watch Video Testimonial

CyberProof Acquires Interpres Security

By leveraging and integrating the Interpres Security CTEM solution into its security services portfolio, CyberProof is able to continuously identify, assess, and prioritize risk while adapting defense services, like MDR, Vulnerability management and Use case management to address ever evolving threats. Take proactive steps to fortify your security today!

Schedule Assessment

Start the journey today

SPEAK WITH AN EXPERT

Case Studies

Retail
Retail

Retail Company Reduces Data Costs by 85% with SIEM Transformation

The client is a leading retailer with over 1,000 stores across the United States and Canada. They offer a wide range of products and services to both consumers and businesses. To streamline their security infrastructure, the company decided to consolidate under a single, trusted cloud vendor. As an existing Microsoft 365 user, they embraced Microsoft’s comprehensive security suite, aligning their security approach with the industry’s best cloud security solutions. 
Read more
Banking
Banking

90% increase in visibility after deploying Microsoft XDR with CyberProof

CyberProof worked together with Microsoft to provision and deploy the Microsoft XDR capability and integrate it with the client’s current Managed Detection & Response (MDR) service with CyberProof. This was done by leveraging the CyberProof Defense Center (CDC) platform, which supports collaborative, real-time security operations for all stakeholders through orchestration and smart automation.
Read more
Financial Services
Financial Services

Enterprise saves millions on data ingestion & storage following cloud migration.

CyberProof’s deployment for this client includes one of the first commercial deployments of the Microsoft Sentinel cloud SIEM solution, helping dramatically reduce the cost of log ingestion and storage as the client migrated to cloud-native security operations, leveraging Azure Data Explorer (ADX) together with the CyberProof Log Collection (CLC) tool.
Read more
Insurance
Insurance

SOC unification streamlines enterprise insurance company’s security & network monitoring operations.

The client is a large insurance carrier with offices in multiple locations. The client initially turned to CyberProof after having issues with their previous service vendor, who was providing security alerts but conducting no real triage.
Read more
Healthcare: Pharmaceuticals
Healthcare: Pharmaceuticals

Global medical devices company gains visibility and meets stringent compliance standards across global geos

The client is a leading European-based, global pharmaceutical company that offers advanced tests and systems for disease diagnosis, monitoring, and treatment guidance. Operating in over 100 countries with over 40,000 employees, they serve millions of customers worldwide in numerous research and production facilities.
Read more
Healthcare: Pharmaceuticals Dental
Healthcare: Pharmaceuticals Dental

Pharmaceutical organization significantly enhances threat detection and response times

The customer decided to enhance their cybersecurity capabilities by partnering with CyberProof, focusing on comprehensive and proactive protection measures. CyberProof’s deployment for this customer included a full suite of managed cybersecurity services tailored to meet their specific needs.
Read more
All case studies

Threat Alerts

RomCom Exploits Firefox and Windows Zero-Days in Sophisticated Campaign

02-Dec-2024
Label: Malware
Threat Level: Medium

The attack begins with CVE-2024-9680, a use-after-free vulnerability in Firefox’s animation timeline feature. This flaw is exploited when victims visit a malicious webpage, allowing attackers to execute arbitrary shellcode within the browser’s sandbox. Once this initial compromise occurs, the campaign pivots to CVE-2024-49039, a privilege escalation vulnerability in Windows Task Scheduler. By exploiting this, the attackers escape the browser’s sandbox and execute code with elevated privileges.

The attack chain is strategically designed and deceptively simple. Upon visiting a booby-trapped site, the Firefox exploit is triggered to bypass memory protections, injecting shellcode that downloads a secondary payload. This payload exploits the Windows Task Scheduler vulnerability to run a hidden PowerShell process. From there, the RomCom backdoor is downloaded and installed, granting attackers full control over the victim’s system. To ensure persistence, obfuscated PowerShell scripts are used alongside staging servers hosting the malware.

The RomCom backdoor deployed in this campaign is a versatile tool, enabling attackers to execute arbitrary commands, steal sensitive information, and deploy further malicious modules. The attack has been observed targeting victims across multiple sectors, including government, healthcare, and critical infrastructure in Europe and North America. This campaign demonstrates RomCom’s growing sophistication, as the group now incorporates advanced zero-day exploitation into its arsenal.

UEFI Bootkit Bootkitty Emerges as Linux-Specific Threat

02-Dec-2024
Label: Malware
Threat Level: Medium

In a significant development for the UEFI threat landscape, researchers have identified the first UEFI bootkit specifically designed for Linux systems, named Bootkitty by its creators, a group known as BlackCat. While the bootkit is assessed to be a proof-of-concept (PoC) with no evidence of use in real-world attacks.

Bootkitty’s primary objective is to disable the Linux kernel’s signature verification feature and preload two as-yet-unknown ELF binaries during the system startup process. This is achieved via the Linux init process, the first process executed by the kernel upon startup. Additionally, researchers uncovered a potentially related unsigned kernel module that appears to have been developed by the same author(s). This module deploys an ELF binary that facilitates the loading of yet another unknown kernel module, indicating a possible modular architecture.

Bootkitty is signed using a self-signed certificate, which means it cannot execute on systems with UEFI Secure Boot enabled unless an attacker-controlled certificate has been pre-installed. Interestingly, the bootkit contains two unused functions. One of these functions prints special strings to the screen during execution, while the other can display a list of potential authors and individuals who may have contributed to its development. These features, while unused in this PoC, could hint at the bootkit’s future capabilities or provide clues about its creators.

Despite its PoC nature, Bootkitty represents a meaningful advancement in the UEFI threat space by targeting Linux systems. Its discovery challenges the prevailing assumption that modern UEFI bootkits are exclusively a Windows threat, broadening the scope of potential attack surfaces in the Linux ecosystem.

Explore all

Awards

 Forbes award
 mssp top 250 2024
 2021 Global InfoSec Awards Winner badge from Cyber Defense Magazine for excellence in Adaptive Managed xDR.
 Cybersecurity Speakt

Resources

Explore resources

Start the journey today

SPEAK WITH AN EXPERT