Unshakeable Salt

Incognito Mode

A lot can happen in 3 years. Our spell in Incognito Mode has seen the world travel through Covid and emerge to a new definition of ‘normal’. Our clients workforces refrain from attending the office and information security vectors have changed significantly.

Where have we been?

Initially, our digital absence started due to our heavy involvement in the creation of a new Security Operations Centre. The world went into lockdown and we went to assist the NHS. Not gone, we have been in incognito – just visible and traceable if you looked hard enough.

In our radio silence we moved from government department to government department, transferring knowledge as part of our travels. Completing the set up of yet another Security Operations Center, we have implemented a fresh Security Engineering toolset to facilitate rapid maturity.

3 Years to the day

Major security events have of course happened during our digital silence. The three big breaths of Conti, Lapsus$ and Apache Log4J caught the mainstream media attention, through which we have remained respectfully silent.

For those in the know, we had an engagement dealing with CVE-2022-26134. Embedded within Atlassian, this allowed for an unauthenticated remote code execution, allowing their attacker to run nefarious code on their local Confluence Server instance.

We’re now transitioning the Security Operations Centre across its new operator.

Agency: Incognito mode

If you thought that our blog was quiet, then the CV folder on our fileserver is silent! Asked to provide the latests CV for some of our consultants for a clients tender proposal, we realised it has been five years since we have had to update them.

Customer referrals remain our primary contract driver, reducing our reliance on agencies. The contract market has changed dramatically over the last 3 years and from our lens, this trend shows no sign of reversing. If you represent an agency and are reading this from following a link on a CV, then it is safe to say that the data that you have is out of date.

The Future of SIEM Platforms: From Obsolescence to Renaissance Brute force and ignorance Trusting AI: Threat Detection in SIEM Tooling

View Comments

DEFCON 28 Safe Mode
Next Post