Incident Response
Rapid on-site deployment and remote response and mitigation of computer security incidents.
European Cybersecurity Company.
Threat Intelligence. Incident Response. Cyber Advisory.
About Us
Research & Development
Generation of new knowledge on cybersecurity incidents, vulnerabilities and malware, development of specialized tools for prevention, detection and response.
Proactive Security
Ethical hacking, cyber intelligence, technical assessment and hardening of infrastructure and information systems, governance, risk management and compliance, trainings and exercises.
Reactive Security
Cybersecurity incident response, acquisition of digital evidence, digital forensics and court expert witness services. Malware analysis, malware vaccines development and cyber counterintelligence.
We’re An European Cyber Security Company.
IstroSec is an ethical company that conducts its business activities honestly, apolitically, directly and fairly to all parties involved.
IstroSec’s Vision
To be an international leader in research, development and cyber security services and deliver strong, innovative and effective solutions to tackle cybersecurity challenges.
IstroSec’s Objectives
Our goal is to offer quality professional services to our customers at a reasonable price and to continuously increase our customer’s security resilience.
IstroSec’s Experiences
We have a track record of hundreds of incident response engagements, including APT groups, our own CVEs and countless pentests, malware analyses and trainings.
IstroSec’s Clients
Our customers are SMEs, corporations, Fortune 500 companies and governmental entities across all industries which take cyber security very seriously.
Our Services
Offensive Security
Vulnerability Assessment, Penetration Testing, Red Team and Purple Team Engagements.
Threat Hunting
Active hunting for threats in infrastructure based on TTPs and searching for indicators of compromise.
Defensive Intelligence
Data Leaks Searches and Analysis, ClearWeb, DeepWeb, DarkWeb.
Managed Defense
SOC Level 3+, administration and optimization of EDR, SIEM, SOAR and other cybersecurity technologies.
Digital Forensics
Acquisition of digital evidence, investigation, and reconstruction of security events and incidents. Processing of expert testimonies.
Malware Analysis
Analysis of properties, functionality, origin, potential impacts of malicious code, and reverse engineering.
Attack Simulations
Phishing, Spearphishing, Whaling. Custom Scenarios incl. Custom “Malware”. Simulation of advanced attacks and APT.
Audit and Advisory Services
Audits and Implementations of Security Frameworks, vCISO. Technical Audits and Hardening.
Trainings and Exercises
Trainings for personnel, IT professionals and management. Tabletop exercises and drills.
Incident Preparedness
Assessment of adequacy of processes and technology for swift and effective reaction.
IstroCSIRT Services
Full array of CSIRT services, including 24/7 DFIR and proactive security.
Our Skills
We’ve skilled in wide range of cybersecurity fields.
Strong, innovative, multi-disciplinary team of experts, ethical hackers, incident responders and consultants with long-standing experience.
Our Certificates
GCFE
GIAC Certified Forensic Examiner
GCFA
GIAC Certified Forensic Analyst
GCPN
GIAC Cloud Penetration Tester
GXPN
GIAC Exploit Researcher and Advanced Penetration Tester
CISA
Certified Information Systems Auditor
CRISC
Certified in Risk and Information Systems Control
CISSP
Certified Information Systems Security Professional
AWSC
Advanced Windows Security Course Certified Security Professional
OSCP
Offensive Security Certified Professional
OSWP
Offensive Security Wireless Professional
CRTP
Certified Red Team Professional
CRTE
Certified Red Team Expert
CEH
Certified Ethical Hacker
CCNA
Cisco Certified Network Associate
CCDCOE
NATO Cooperative Cyber Defence Centre of Excellence
Enisa
Mobile Threats & Incident Handling; Digital forensics; Artefact Analysis
TF-CSIRT
Trusted Introducer
Microsoft Certified
Azure Security Engineer Associate
CCFA
CrowdStrike Certified Falcon Administrator
CCFR
CrowdStrike Certified Falcon Responder
CCFH
CrowdStrike Certified Falcon Hunter
0
People trained
0
Malwares analyzed
0
IR and Forensic analysis
0
Penetration tests
0
APT groups faced
0
CVE published
0
Years of experience together
0
Phishing emails sent
Latest Posts
How to trace the user: Windows 10 Timeline
Introduction Windows 10 Timeline is a relatively new forensic artefact, which was introduced in Windows 10 version 1803.
Research and Vulnerabilities
Since Microsoft published a new RCE vulnerability in Microsoft Windows Media Foundation discovered by us, we would also like to share full list of vulnerabilities we have discovered.
A WebSocket Based Reverse Shell, Part 1 - Agent
Standard remote shells like SSH require that the target machine needs to be visible over the network.