May 16

New Video Explaining Binary Defense's Vision Platform

When it comes to what we’re doing here at Binary Defense, our greatest strength is our team and being an extension of the security team. With Binary Defense's Vision Platform, the ability to get insight into what's happening from an attacker’s perspective becomes simple. Our goal with Vision is to provide our attack intelligence and the visibility you need - from day one. Combined with our managed services, having a true extension of a security team becomes possible and maintainable.

May 02

PowerShell Injection with Fileless Payload Persistence and Bypass Techniques

PowerShell continues to be the tool of choice for defenders, IT administrators, and hackers. The extensibility, support, and ability to have a full-fledged programming language at your fingertips provides a whole new level of Microsoft’s operating system that was drastically missing in the past. We are huge advocates of PowerShell at Binary Defense, and it is our number one go-to when it comes to performing everything from simplified administration, all the way to automation testing and complex programs. In addition to legitimate use for defense and administration, many tools such as PowerShell Empire, PowerSploit, and more are used by the security research industry as well as hackers.

Apr 25

Binary Defense’s Vision Platform v3 Released – Welcome to Containment

When we started with Binary Defense’s Vision platform years ago, we knew it would be a long road and something where we would continuously get better over time. Our motto is to always do things the right way, and build in the knowledge of attack intelligence through the industry to help the industry get better in defense.

Jan 18

The Dangers of Embedded LNK files in Office Documents

Using Office macros to exploit endpoints continues to be a popular method for exploitation. Users are presented with a dialog box, which they must click for the attack to work; most users will click, especially if the document looks like something they normally operate on. This removes the need for attackers to have Office or browser zero-days. It also makes exploitation simpler and cheaper. Additionally, it is typically possible to tune the malicious macro to bypass security controls like anti-virus. There are even toolkits like Luckystrike to ease macro exploit development.

Jun 16

Distributed HoneyNets and Understanding Attack Emulation with BDS Vision

One of the cool things about developing a product is designing defensive software that detects what you do as an attacker. Growing up through the offensive mindset gave me a unique perspective on what I need to do to gain access to systems. The concept of honeypots is nothing new and has been around for ages. One of the tools I designed initially was Artillery, which has had wide-scale deployment success in networks for early indicators of compromise. BDS Vision is a distributed endpoint and server software agent that has been designed from the ground up on the attacker mindset and looking at all of the patterns that we would commonly use for exploitation.

May 04

BDS Vision - Real-Time Detection Software

When I left an amazing job as a Chief Security Officer, my goal was to build a team that changed the industry for the better. I started TrustedSec with the mindset of starting Binary Defense and ultimately continuing to build something special. At TrustedSec, we always found that a company would have a number of technologies; however, there would be a large gap in understanding offensive capabilities. As an industry, we provide a service to identify risks, protect our businesses, equipment, technology, and more. Understanding the offense and detecting attackers in the early stages shouldn't be a mystery or an unknown.
