SPEAK WITH AN EXPERT

CyberProof Acquires Interpres Security

A Gartner distinguished vendor in Continuous Threat Exposure Management (CTEM) and Automated Security Control Assessments (ASCA).

Read More
CyberProof, a UST company, and Interpres logos on a black background, showcasing their strength in cyber security.

Better Security, Together

Our worldwide security operations teams work closely with your enterprise security organization, collaborating to deliver better security together, to protect you today against tomorrow’s threats.

invisible

AI In Action

CyberProof put AI into actionable insights, by augmenting security operations through AI powered virtual assistance to deliver better security, together services.

Cloud First Security

CyberProof is a cloud first security operations company, enabled through key cloud partners, to help deliver the most cutting edge security services to help protect your enterprise.

invisible

Detect, Respond, Adapt – Everywhere

CyberProof’s MXDR platform powered by AI adapts the most complex evolving threat landscape, continuously aggregating threat intelligence and responding, identifying and mitigating risk within your enterprise.

SecOps & Risk mitigation

Tailored threat intelligence

CyberProof uses OSINT and threat intelligence feeds for visibility into threats.

Use case management

CyberProof’s adaptable playbooks address continuously evolving threats with updated strategies.

Advanced threat hunting & security operations

Professionals manage sophisticated networks, leveraging experience to counter advanced threats.

Advanced threat hunting

Professionals manage sophisticated networks, leveraging experience to counter advanced threats.

Incident response retainer

24/7 global SOC support ensures incident response with guaranteed SLA.

Incident response retainer

24/7 global SOC support ensures incident response with guaranteed SLA.

Data security

CyberProof develops recovery plans, restoring capabilities after a cyber incident.

Asset management and classification

Classify and manage enterprise assets, understanding risks and data sensitivity.

Manual & automated penetration testing

Non-destructive tests uncover potential exploits in assets and applications.

Security awareness & training

Mitigate security issues early with CyberProof’s training and awareness programs.

Application security (AppSec)

Rigorous security assessment for on-premise and cloud applications to ensure protection.

Identity & access management (IAM)

IAM manages user access, monitors for anomalies, ensuring security.

Cloud security posture management (CSPM)

Cloud First approach ensures compliance and security within cloud environments.

Security platform management

Managed service for SIEM, EDR, MXDR, and threat intelligence solutions.

Vulnerability management (VM)

Identify, assess, and mitigate security vulnerabilities through regular scanning.

Partners

HyperScaler Cloud Native SIEM
SIEM Platforms
EDR
VM
IT/IOT
Threat Intel
Breach & Attack
See all partners

“Today I have complete visibility into the entire environment, in real time”

Jamil Farshchi | Equifax CISO

Watch Video Testimonial

CyberProof Acquires Interpres Security

By leveraging and integrating the Interpres Security CTEM solution into its security services portfolio, CyberProof is able to continuously identify, assess, and prioritize risk while adapting defense services, like MDR, Vulnerability management and Use case management to address ever evolving threats. Take proactive steps to fortify your security today!

Schedule Assessment

Start the journey today

SPEAK WITH AN EXPERT

Case Studies

Retail
Retail

Retail Company Reduces Data Costs by 85% with SIEM Transformation

The client is a leading retailer with over 1,000 stores across the United States and Canada. They offer a wide range of products and services to both consumers and businesses. To streamline their security infrastructure, the company decided to consolidate under a single, trusted cloud vendor. As an existing Microsoft 365 user, they embraced Microsoft’s comprehensive security suite, aligning their security approach with the industry’s best cloud security solutions. 
Read more
Banking
Banking

90% increase in visibility after deploying Microsoft XDR with CyberProof

CyberProof worked together with Microsoft to provision and deploy the Microsoft XDR capability and integrate it with the client’s current Managed Detection & Response (MDR) service with CyberProof. This was done by leveraging the CyberProof Defense Center (CDC) platform, which supports collaborative, real-time security operations for all stakeholders through orchestration and smart automation.
Read more
Financial Services
Financial Services

Enterprise saves millions on data ingestion & storage following cloud migration.

CyberProof’s deployment for this client includes one of the first commercial deployments of the Microsoft Sentinel cloud SIEM solution, helping dramatically reduce the cost of log ingestion and storage as the client migrated to cloud-native security operations, leveraging Azure Data Explorer (ADX) together with the CyberProof Log Collection (CLC) tool.
Read more
Insurance
Insurance

SOC unification streamlines enterprise insurance company’s security & network monitoring operations.

The client is a large insurance carrier with offices in multiple locations. The client initially turned to CyberProof after having issues with their previous service vendor, who was providing security alerts but conducting no real triage.
Read more
Healthcare: Pharmaceuticals
Healthcare: Pharmaceuticals

Global medical devices company gains visibility and meets stringent compliance standards across global geos

The client is a leading European-based, global pharmaceutical company that offers advanced tests and systems for disease diagnosis, monitoring, and treatment guidance. Operating in over 100 countries with over 40,000 employees, they serve millions of customers worldwide in numerous research and production facilities.
Read more
Healthcare: Pharmaceuticals Dental
Healthcare: Pharmaceuticals Dental

Pharmaceutical organization significantly enhances threat detection and response times

The customer decided to enhance their cybersecurity capabilities by partnering with CyberProof, focusing on comprehensive and proactive protection measures. CyberProof’s deployment for this customer included a full suite of managed cybersecurity services tailored to meet their specific needs.
Read more
All case studies

Threat Alerts

All
Explore all

Critical SAP NetWeaver Zero-Day Vulnerability Under Active Exploitation

28-Apr-2025
Label: Vulnerability
Threat Level: Medium

A critical zero-day vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324, CVSS 10.0) is currently under widespread active exploitation. This unrestricted file upload vulnerability allows unauthenticated attackers to upload malicious files directly to SAP systems without authorization, potentially leading to full system compromise. SAP released an emergency patch on April 24, 2025, but exploitation was observed both before and after the disclosure.

The vulnerability specifically affects the Metadata Uploader component of SAP NetWeaver Visual Composer, where missing authorization checks in the /developmentserver/metadatauploader endpoint allow attackers to upload JSP webshells to publicly accessible directories. These webshells enable remote command execution, file uploads, and potential lateral movement throughout networks. Researchers have observed attackers using sophisticated tools such as Brute Ratel and the Heaven’s Gate technique for execution and evasion.

It is estimated that 50–70% of internet-facing SAP systems have the vulnerable component enabled, leaving a significant portion potentially exposed. The impact is substantial, with activity observed across numerous industries.

ToyMaker Initial Access Broker Facilitates Cactus Ransomware Intrusions

28-Apr-2025
Label: Malware
Threat Level: Medium

Security researchers have identified a financially motivated initial access broker (IAB) dubbed ToyMaker, operating since at least 2023, who compromises internet-facing servers to plant a custom backdoor named LAGTOY. ToyMaker then sells or hands over access to ransomware groups such as Cactus, who conduct double extortion attacks. This collaboration was observed when Cactus actors used credentials and footholds created by ToyMaker to spread laterally across a compromised critical infrastructure network, exfiltrate sensitive data, and deploy ransomware.

ToyMaker’s intrusion typically begins with exploiting unpatched, internet-facing servers. Upon gaining access, the actor rapidly conducts reconnaissance, creates unauthorized accounts, and deploys the LAGTOY backdoor. Credential harvesting is performed using Magnet RAM Capture, followed by archiving the dumps using 7zip and exfiltration over SCP via PuTTY’s pscp utility.

The LAGTOY malware establishes persistence as a service under the name WmiPrvSV, communicates with a hardcoded C2 over raw TCP port 443, and supports executing commands remotely. It features anti-debugging measures using a custom unhandled exception filter and a time-based execution control to evade detection.

After a short dormancy period, ToyMaker transferred access to Cactus ransomware operators. Cactus then conducted further reconnaissance, moved laterally using stolen credentials, installed remote administration tools (AnyDesk, RMS, eHorus, OpenSSH), exfiltrated sensitive data using 7zip and curl, and finally deployed ransomware across the environment.

Explore all

Awards

Excellence Awards 2024 finalist banner for CyberProof, a UST company, showcasing diversity in security through Microsoft Security and the Microsoft Intelligent Security Association, with a focus on MDR and SIEM solutions.
Forbes award
mssp top 250 2024
ISG Provider Lens 2024 Quadrant image showcasing Cybersecurity Solutions and Services. Managed Security Services - SOC and MDR (Midmarket). Recognized as Leader, U.S.
ISG Provider Lens 2024 Quadrant: Cybersecurity – Solutions and Services, Strategic Security Services (Midmarket), with a focus on MSSP, Leader, U.S." proudly displayed at the top with a trophy icon in the bottom right corner.
ISG Provider Lens 2024 Quadrant for Cybersecurity Solutions and Services highlights Technical Security Services (Midmarket), emphasizing MxDR capabilities, with a "Leader, U.S." designation and a trophy icon.
Gold award badge for cybersecurity, highlighting "2024 Globee Awards Gold Winner" and featuring a globe design embraced by laurel branches. Celebrated in the realms of MSSP and SecOps, this accolade represents excellence in managing security operations worldwide.
Globee Awards logo with "2024 Globee Awards Silver Winner in Cybersecurity" text below, recognizing excellence in SOC solutions.
Microsoft Solutions Partner badge for Security, enhanced by SOC capabilities, features Cloud Security and Threat Protection.
The Microsoft Intelligent Security Association member badge proudly displays the Microsoft Security logo along with a label certifying it as a "Microsoft Verified Managed XDR Solution," highlighting its integration with leading SIEM and MSSP technologies.
Google Cloud Partner logo featuring a colorful cloud icon, seamlessly integrating elements of SecOps and MxDR.
The Intertek logo, featuring a globe with a grid pattern alongside the text "ISO 27001 Certification," embodies trust and security. It integrates seamlessly with modern SecOps approaches to enhance compliance and SIEM efficiencies.
A badge proudly displaying "SOC 2" and "A-LIGN," featuring a geometric logo above, a gradient line below, and seamlessly integrated with the latest MxDR innovations.
AICPA SOC seal in shades of blue with text "aicpa.org/soc4so" and "SOC for Service Organizations | Service Organization," tailored for MSSP efficiency.
Crest logo featuring icons for security, certification, and SecOps with a blue and teal color scheme.
MSSP Alert logo with text: "The Top 250 MSPs, 2023 Edition" in red and white, celebrating excellence in the ever-evolving SecOps landscape.
The logo for the 2023 Global InfoSec Awards winner from Cyber Defense Magazine features a circular design with text and subtly incorporates elements of SOC excellence.
Logo of Cyper Tech Two featuring two concentric rings, symbolizing their cutting-edge SecOps solutions, with the website URL www.CyperTechTwo.com displayed below.
Cyber Security Excellence Awards badge, labeled "Winner 2022" in the MDR category.
Badge with text "Big Innovation 2022" surrounding a lightbulb icon, symbolizing groundbreaking ideas in fields like SecOps and MDR.
2021 Global InfoSec Awards Winner badge from Cyber Defense Magazine for excellence in Adaptive Managed xDR.
Cybersecurity Speakt

Resources

Abstract cybersecurity MXDR shapes
Videos

ViVE 2025: How to modernize security operations for the healthcare industry

From ViVE 2025, watch Hans Guilbeaux, CIO of UST HealthProof, share how his team partnered with CyberProof and Google Cloud Security to leverage cloud-enabled security operations, elevating their cybersecurity posture and streamlining incident response.

Read More
Abstract cybersecurity MXDR shapes
Reports

A Detailed Comparison of QRadar, Microsoft Sentinel, and Google Chronicle SIEM

Security Information and Event Management (SIEM) solutions are evolving from traditional on-premises platforms to cloud-native services. QRadar has long been a prominent on-premises SIEM, but its architecture imposes certain limitations in today’s cloud-centric era. Newer cloud-native SIEMs like Microsoft Sentinel (Azure Sentinel) and Google Chronicle offer modern architectures with elastic scalability, integrated analytics, and reduced operational overhead. This report provides a detailed technical comparison of QRadar, Sentinel, and Chronicle across key dimensions – including architecture, scalability, data ingestion, threat detection, automation, ecosystem integration, analytics capabilities, and pricing – with a focus on QRadar’s on-prem challenges versus the advantages of cloud-native SIEMs. It also discusses why enterprises using QRadar should consider migrating to a cloud-native SIEM for both technical and business benefits.

Read More
Abstract cybersecurity MXDR shapes
Datasheets

CyberProof Data Security

CyberProof's Data Security service is a comprehensive solution designed to safeguard sensitive information for organizations. Our specialized team manages and protects data, ensuring its confidentiality, integrity, and availability. With robust security measures, we mitigate risks, detect vulnerabilities, and respond to threats, allowing businesses to focus on their core operations while entrusting their data security to our expert services.

Read More
Explore resources

Start the journey today

SPEAK WITH AN EXPERT