Our Cybersecurity Arsenal
Comprehensive protection across your entire attack surface
Atrax
The automated pentesting sequence that works in the background so you don't have to.
Our flagship black box scanning solution identifies vulnerabilities within your entire attack surface: external IPs, web apps, APIs and EUDs.
This is where most vulnerability scanning solutions stop. By chaining results and automating the use of refined open source exploit vectors, Atrax exploits any discovery with payload-less attacks.
"Each exploit is prohibited from working outside the specific CVE, keeping your infrastructure safe and sound."
Felix Nagy, FounderUsing the same payload-less architecture, Atrax then tests the resilience of third party software updates through IT tech supply chain attacks.
Lastly, it builds a database of personalised intel on your users through dark and open web scraping. Once an 80% social engineering success rate is predicted, it creates an AD / Google Directory account and starts building trust with your users on MS Teams and Slack with carefully crafted messaging.
Once your user clicks, the flag is planted and you're alerted.
Obsidian
The automated dark web scanning solution cluster
Most dark web scanning solutions are limited to forum based processes, using only corporate email addresses as triggers against data dumps.
Obsidian uses this as one single data point. It combines forum posts, shodan results, auction house sales and grey noise chatter to create user risk profiles and warns you before an attack is launched.
But we still need to protect your organisation's weakest link: the people.
By cross-referencing the Certstream intelligence feed with our own predetermined "suspiciousness" rules, Obsidian gathers information on who owns a domain's ssl certificate, what legal form is behind it, what type of architecture sits behind it and whether it can be traced to known threat actors or groups.
Obsidian then actively detects, blocks and reports these spoofed domains, keeping your users secured from inbound phishing attacks and business email compromise.
Huntsman
Automated reputation management through OSINT scanning
Your organisation's reputation is its most valuable asset: a negative review here, a suggestive social media photograph there, public sentiment is crucial to company valuation.
Huntsman actively scours the open web for any information relating to your company and users, in particular the c-suite.
But reputation damage doesn't stop at opinions; what about fake products and services posing as your brand?
Huntsman automatically identifies and takes down any website posing as your brand, supplemented by the Hackurity team scouring messaging apps such as Telegram and WhatsApp for brand impostors.
