Software vulnerability, code and security analysis.
Hardware security, side-channel, and fault injection analysis.
Signal and emissions vulnerability and security analysis.
Cryptographic primitives and protocol security analysis.
Incident response analysis and threat hunting.
Network/web assessment and adversary emulation.
Security assessment and certification of IT products for APL.
Closed-source and open-source fuzzing of grammars, file formats, and network protocols to help discover deep vulnerabilities that are undiscoverable by traditional security testing methods.
Reverse Engineering and Binary Analysis: Reverse engineering and binary analysis on a wide range of architectures and operating systems. We identify vulnerabilities using cutting-edge binary analysis techniques, including control flow graphs, instrumentation, symbolic and taint analysis.
Combining software security expertise with static and manual analysis of source code to verify the effectiveness of the existing security controls, identify security risks, and software vulnerabilities in any number of programming languages.
Assessment of the design and implementation of firmware and applications to find possible remote code execution, privilege escalation, and information disclosure vulnerabilities. We provide research on embedded systems and binaries to discover new vulnerabilities and improve existing security assessment tools.
Security assessment of mobile operating systems and applications to identify critical vulnerabilities and provide remediation to protect users.
Thorough hands-on assessment on various hardware vulnerabilities, such as exploitation of debug feature, tamper assessment, firmware dumping and analysis, and bus probing.
Systems analysis and reverse engineering of circuits and components.
Deep analysis of weaknesses in hardware using various side-channels, such as timing, power, electromagnetic emanation (EM), and micro-architectural (SPECTRE, MELTDOWN, FORESHADOW).
Comprehensive assessment of fault tolerance from voltage and clock glitching over EM fault injection and Laser fault injection to remote fault attacks like ROWHAMMER.
Using our innovative equipment, we provide assessment of vulnerabilities inside an IC, from IC reverse engineering to micro probing and circuit editing.
Comprehensive analysis of emerging threats against cellular networks (RAN and core), fiber and critical infrastructure.
Advanced practical attack and defense analysis of threats related to jamming, eavesdropping, relaying, replaying, spoofing and deep-faking against all kinds of signals.
Hardening of systems and secure compartmented information facilities to avoid Compromising Emanations and, conversely, deep monitoring of such environments to detect and protect against intentional interference.
Cutting-edge equipment and skills covering all layers from signal processing to application protocols to offer comprehensive security expertise in synergy with the Hardware, Software and Crypto laboratories.
Formal verification of cryptographic protocols based on SAT-solvers and symbolic models.
Checking NIST / FIPS requirements for newly implemented cryptographic primitives and protocols.
Using different techniques to identify weak S-BOXs, padding problems, differential and linear approximation possibilities.
Security review of existing systems and infrastructures in accordance with international standards.
Reviewing implemented cryptographic protocols, pseudo-code and source code comparison.
Entropy analysis and practical Statistical tests in random number generation.
Identifying hidden backdoors in cryptographic algorithms using unique methodology.
Detailed analysis of possible concealment of a file, message, image, or video within another file, message, image, or video.
Practical man-in-the-middle attacks and downgrade attacks on modern protocols.
Researches on modern cryptographic schemes, such as lattice based cryptography, Elliptic curves, homomorphic encryption.
Comprehensive analysis of the cryptographic strength of various distributed ledger methods, from Blockchain and Hashgraphs to Directed Acyclic Graphs and Holochains
The xen1thLabs incident response team assist organizations to identify, contain, eradicate, and resolve cyber incidents that threaten your environment, intellectual property and ongoing business operations. Purchasing a retainer, organizations have 24x7 access to the xen1thLabs team, we complement our incident response service with digital forensics and malware analysis to better understand the attack and provide sound recommendations that allow you to protect for the future. In addition xen1thLabs also offer cyber incident response readiness planning and capability assessments to arm organizations with the correct tools, visibility and procedures they need before they are breached.
We identify the threats others miss, by proactively hunting for threats within networks and systems to identify if attackers are active in your environment or have been in the past, where traditional rule based security solutions have failed to identify the threat.
Threat hunting significantly decreases the time an active threat within your environment can remain undetected. Utilizing the expertise of xen1thLabs professional consulting services, businesses are empowered with holistic detection and response capabilities for a fraction of the cost of building threat hunting, incident response, and forensic teams. We do this by implementing of tools to enhance environmental visibility and facilitate threat detection, combined with an allocation of hours for regular scheduled threat hunts by the xen1thLabs team. In addition, an incident response retainer with 24x7 hotline access is also included, to cover the containment, eradication of the threat, and recovery of your environment.
xen1thLabs provide a comprehensive array of digital investigative services following industry standard best practices for investigating the root cause of cyber security incidents. We investigate cases involving all operating systems, including the forensic analysis of iOS and Android based devices. All of our forensic investigators are certified by industry leading certification bodies.
A team of reverse engineers can be engaged to perform analysis on files that are suspected to be malicious in nature. The analysis will identify the functionality of a potentially malicious sample, an overall risk assessment that the sample presents to the organisation, and advice on the best way to remediate the threat and identify additional infected hosts.
Assessment of modern corporate network infrastructure and validation of attack scenarios based on the assume breached model.
Credential and non-credentialed dynamic testing of Web Application.
Execution of adversary emulation operations adopting the same Techniques, Techniques, and Procedures (PPTs) employed by modern state-sponsored threat actors.
Execution of physical and remote Social Engineering attacks aimed to induce victims into executing actions that could impact on the targeted organization’s security.
Development and customization of exploit code and attack techniques strategies.
Assessment of technologies employed to ensure the physical security of buildings and facilities.
Assessment of the cybersecurity posture of Operational Technologies (OT) environments of Critical Infrastructures.
The APP Certification Service provides the framework and methodology for the security assessment and certification of IT products to operate and govern the APP. Therefore, an Approved Product List (APL) is provided and maintained to publish and track certified products. For applicable technologies, Test Standards are defined compatible with internationally recognized certification schemes, and testing guidance provided.
Product Supply Chain assessment is performed during the development and manufacturing phases of the product. The objective is to limit the risk of vulnerabilites being introduced into products. The vendors/manufacturer’s secure development and supply chain security practices, processes and procedures are assessed. Supply Chain Security service offers the risk management and compliance checks of suppliers and contractors.
Assessment is the core element of the APP and conducted before a product is purchased and deployed in an organzation. Product security assessment determines compliance, and gives assurance about products’ resistance against threats. A compliance check verifies that the implemented security functionality adheres to current technology standards. Threat Modeling identifies assets and threats to the product and is used to tailor the list of security requirements. Design Reviews and Vulnerability Assessments are executed to analyze and test potential vulnerabilities.
Product Monitoring is done during the operations/maintence phase of products and involves checking the public domain for new threats and vulnerabilities against APL products, review and tracking of vendor patches, and advising APL customers. Product Monitoring involves a pro-active product monitoring and detection service that enables customers of APL to receive security advisories.
Product Forensics is done during the operations phase of products and involves re-active forensic services that are offered to respond to and investigate compromised devices or suspicious behavior of APL products in the field. The goal of computer forensics is to examine artefacts in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts about the digital information.