Our Industry Experience
Web Application Exploitation Emergency Response
Nebotain led the emergency recovery from a targeted SQL injection attack on a public-facing prepaid credit card portal of the organization. Nebotain conducted incident and crisis management activities to contain and eradicate the threat while engaging legal, law enforcement, banking regulators and public relations personnel.
Account Takeover Attack Campaign Mitigation
Nebotain responded to and mitigated a distributed password spraying and brute force attack campaign on public-facing APIs of the organization. Recovery activities included hardening of the external website platforms, implementation of an API security layer, and 24/7 monitoring and response to threats.
PCI DSS Compliance Program
Nebotain created and led a compliance program to the PCI-DSS standard within the organization. The program included implementation of database encryption technologies, implementation of compensating controls in the form of database activity monitoring, and the re-architecting of the internal network based on security zones.
Insider Threat Mitigation
Nebotain investigated multiple instances of theft of subscriber information within the organization. The investigation resulted in the prosecution of the adversaries and the creation of a risk mitigation plan with the implementation of Data Leakage Prevention and Insider Threat Detection technologies to enhance detection and response mechanisms.
Social Engineering Attack Campaign Mitigation
Nebotain conducted a year-long hunt for a persistent threat actor that conducted weekly social engineering attempts intended to defraud the customer support staff of the organization. Nebotain used various HUMINT, OSINT and deception techniques to pursue, find and convict the perpetrator.
Classified Information Protection Program
Nebotain formed and led a Classified Information Protection program within the organization while complying with rigorous national security requirements. The program included implementation of technical, physical, and organizational security controls intended to protect classified information held within the IT, OT and Cellular environment.
Online gambling and sports betting
Secure Development Lifecycle Program
Nebotain created an application security program while working closely with the development teams of the organization. The program included secure development training for over 70 developers, creation of secure coding practices, implementation of code reviews, static code analysis and penetration testing prior to production deployment, and continuous runtime protection mechanisms.
Distributed Denial of Service Attack Campaign Mitigation
Nebotain battled a DDoS attack campaign on public-facing game servers of the organization. Nebotain led the Incident Response team within the organization and also managed multiple third parties and emergency response teams of the world’s leading DDoS mitigation providers.
DNS Poisoning/Redirection Attack Campaign Mitigation
Nebotain battled a long campaign of DNS redirection of public-facing websites of an organization. The response included development of monitoring software that was deployed in the wild and a semi-automated response capability. The team worked in close collaboration with the world’s leading DNS providers.
Copyright Infringement / Digital Risk Protection
Nebotain countered an adversary group who targeted an organization's customers with phishing and account takeover attempts. Together with Marketing teams, Nebotain set up a Digital Risk Protection / Brand Protection program utilizing one of the world's leading providers. The program included 24/7 detection and response to infringing content of fake websites while working with law enforcement to take down the offending sites.
Advanced Persistent Threat Mitigation
Nebotain countered an adversary group which intended to defraud the organization. The attack was contained and eradicated during the course of sixteen weeks with the assistance of an internal and external Cyber Forensics and Incident Response team.
Secure and Redundant Data Center Design
Nebotain led multiple engineering teams through the design and implementation of a fully redundant and secure data center meeting uptime requirements of 99.99% availability. The design followed a rigorous threat modelling process, while the implementation included failover, recovery and penetration testing of the network, infrastructure and database components.
Electric vehicle industry
Advanced Persistent Threat Mitigation
Nebotain countered an adversary group which intended to access the OT environment of the electric battery switching stations of the organization. The attack was contained and eradicated during the course of 6 weeks with the assistance of an internal and external Cyber Forensics and Incident Response team.
Business Email Compromise Emergency Response
Nebotain led the emergency response to a business email compromise attack on the organization. The response included investigation and mitigation of the attack and attribution of the threat group, who managed to impersonate a supplier and reroute funds to foreign bank accounts.
Red Team Testing Program
Nebotain formed and led a continuous Red Team testing program across the IT and OT environment of the organization, spanning multiple continents. The program included mutually agreed upon targets and KPIs, along with a continuous improvement and lessons learned engagement following each attack campaign.