- No sketchy stuff
- We don't build surveillance systems, hack activists, sell exploits to intelligence agencies, or anything like
that. If a job is even remotely morally questionable, then we won't do it.
- Teach to fish
- During engagements, we will not only share our results with your company, but provide a step-by-step
description of how to perform the same audit or procedure without us. We want to demystify what we're
doing. It's not rocket science.. and we genuinely want to help your company improve its security
posture.. even if it costs us repeat business.
- Releasing ALL tools and frameworks we build as open source on our website.
- IoCs for free
- Releasing ALL collected threat intelligence (Indicators of Compromise) into an open source database that
everyone can freely use. (Sanitized in agreement with customers.)
- Zero days
- We don't sell zero-days.. we responsibly disclose them!