Grey bar Blue bar
Share this:

Tue, 5 Aug 2014

SensePost partners with Paterva to offer improved security intelligence

SENSEPOST PNG on clear
We've been big fans of Maltego and the team at Paterva for a very long time now, and we frequently use this powerful tool for all kinds of fun and interesting stuff, like

We go way back with Andrew and Roelof, who was in fact a founder of SensePost, so today we're super excited to be able to announce a new, strengthened partnership with them under which we have been accredited as an Approved Maltego Solutions Provider. Basically this means the that with Paterva's help we plan to use the powerful Maltego toolset to become better at our job - that is to provide information and information systems to our customer with which they can make sound security decisions. Here's the official news:
SensePost today is proud to announce the completion of a contract that will see the company recognized as the world's first “Approved Maltego Solution Provider” (AMSP) and the exclusive provider of this kind in the UK and Southern Africa.


SensePost was founded in 2000 and has developed into one of the worlds leading Information Security Services companies with offices in London, Cape Town and Pretoria. As trusted advisors it has always been our mission to provide our customers with insight, information and systems to enable them to make strong decisions about Information Security that support their business performance. Whilst this mission has traditionally expressed itself in technical security analysis services like Vulnerability Assessment and Penetration Testing we recognise that the threat landscape is constantly changing and that new and more complex realities necessitate the use of sophisticated new skills, tools and techniques with which to support our clients.


“This strategic alliance perfectly fits the ‘Assess-Detect-Protect-Respond' framework that drives the way we design, sell and deliver our service. It's the perfect evolution of our growing services offering.” says Etienne Greef, CEO of the SensePost group holding company SecureData, who's strategy is at the core of this new initiative.


‘Maltego', built by Paterva, is a powerful suite of software tools used for data mining, link analysis and data visualization, giving the user the ability to extract large volumes of data from diverse sources and then analyze it to understand the patterns and relationships it reveals. In the modern digital age these techniques are used to convert data into information and thereby extract concrete value that can be used for effective decision-making.


Maltego is a highly regarded and popular platform used extensively in Open Source Intelligence Gathering, Infrastructure Analysis for Penetration Testing, Cyber Attack Analysis, Fraud Detection and Investigation, Security Intelligence, Information Security Management, Research and more.


This partnership between SensePost and Paterva (who produce the Maltego software) builds on the companies' shared roots and intellectual heritage and will allow both companies to serve their customers and fulfil their respective missions better.


As an AMSP SensePost will be authorised to provide integration, consulting, support and training for the Maltego tools with full endorsement, support and assistance directly from Paterva. This new capability, combined with an existing wealth of information security skills and experience, uniquely positions SensePost to advise and support clients seeking to exploit the unique strategic advantage the Maltego toolset can offer.


More information on our services and capabilities in this space will follow with our official "launch" in a few weeks time. In the mean, here's a brief summary of our new offering.

Mon, 30 Dec 2013

Goodbye to 2013, hello to 2014

With 2013 coming to a close, I thought it pertinent to look back at the year we've had and also forward to what's promising to be an incredibly exciting 2014 for us.


2013 for SensePost, was a year of transition. With a new leadership structure in myself, Shane and Dominic, we had a chance to stamp our style and vision and also learn from Charl and Jaco. One of the first leadership choices was to expand our reach and open our first office in London, aptly in a borough called Hackney. Here, we grew our family and welcomed some amazing people into the plak. After a few short months, we had outgrown the office and needed to look for bigger premises, this time in another aptly named area: Whitechapel (think Jack the Ripper).


Back in South Africa, after moving to bigger premises down the road, we finally got a chance to make it feel like home. These two new offices have allowed us to continue to grow at a steady pace, whilst still keeping the SensePost vision and vibe alive.


On a technical level, as this is what we are really about, we've had an amazing year. As part of this new vision, we made some key appointments:


Craig Swan, who originally was part of the assessments team and left, returned home to assume the role of Training Manager. On a training front, we've had one of the busiest years to date. From Blackhat in Las Vegas, Brasil and Seattle, to 44Con in London, for our friends in the US and our courses held in Southern Africa, we've trained hundreds of students in the art of offensive security. We've also created two new courses for the Hacking by Numbers series, one concentrating on mobile assessments and the other on malware reverse engineering. However, we are not resting on our laurels and with Craig on-board, 2014 is looking like being an amazing year for education at SensePost.


Victor Tadden, an experienced technical Project Manager, joined the assessment team to help us be more efficient with our delivery of projects. He brings with him a wealth of software dev experience and has already made a significant impact in the way we work, especially managing to wrangle pen testers together daily for scrum meetings, a feat many will tell you is akin to herding cats.


Tiago Rosado joined us from Portugal to head up our Managed Vulnerability Service, a key service line that many of our clients rely on for a more holistic view of their security posture. Our MVS service line is being revamped for 2014 and Tiago will help us achieve this.


Marc Peiser became our IT Manager and with him, brought a wealth of UNIX experience, having worked for a massive global bank. Marc's aim for 2014 is to ensure that our internal networks are not only robust but also allow us to do what we do. Surprisingly enough, we are frequently attacked and having defense in depth approach to IT is as important to us as it is to our clients.


Internally, we've welcomed some new family members, said goodbye to some.We value those who choose to work here very highly, we want work to be a creative environment where people can have fun, grow and most importantly enjoy coming to work. Nothing makes me more proud than seeing a plakker accepting new challenges, often defining the way the security industry works, or helping others with their security needs. As the penetration industry matures, one of my main goals for 2014 is to ensure that our proven hacker ethos remains.



2013 saw us presenting at conferences throughout the year and for the first time in our history, in a total of eight different countries over five continents. Our research included vulnerabilities in the Internet of things, distributed surveillance frameworks, security analysis of the Trustzone OS and Mobicore and finally using Spatial Statistics to detect Fast-Flux botnet Command and Control (C2) domains.


Technical prowess is still at the very heart of what we do at SensePost. We love to pwn and 2014 will see us continuing to write new tools, approach old problems with a new way of thinking and just being, well, us.


In November, after months of negotiations, came the news that we were to be acquired by SecureData Europe. This new chapter for us will usher in a new era of growth and development for us at SensePost and we are truly excited to be part of the SecureData Europe family.


Overall it was a fantastic year, especially for us, the new EXCO. I am extremely proud to stand alongside some incredibly talented people and call them colleagues and look forward to 2014 and what it brings.


From everyone at SensePost, we wish you a Merry Christmas and best wishes for the New Year.

Fri, 1 Nov 2013

A new owner for a new chapter

We're pleased to announce our acquisition today by SecureData Europe.


SecureData (www.secdata.com) is a complete independent security services provider based in the UK and was also previously part of the SecureData Holdings group before being acquired by management in November 2012. The strategic acquisition complements SecureData's vision for enabling an end-to-end, proactive approach to security for global customers by assessing risk, detecting threats in real-time, protecting valuable assets and responding to security issues when they occur.


This deal signals the culmination of a long period of negotiation between SecureData Holdings, SecureData Europe and SensePost management and represents a cordial and amicable arrangement that is considered to be to the benefit of all three businesses. As the management of SensePost we are fully committed to this change, which we believe is in the best interests of SensePost, our staff and our customers. We believe this move will herald for us a new era of growth and development that will see us better equipped and prepared to meet the requirements of the market and fulfil our mission of providing insight, information and systems that enable our customers to make informed decisions about information security.


We look forward to a to an exciting period of innovation, growth and development that we believe this transaction will ultimately enable!

Thu, 14 Feb 2013

Adolescence: 13 years of SensePost

Today was our 13th birthday. In Internet years, that's a long time. Depending on your outlook, we're either almost a pensioner or just started our troublesome teens. We'd like to think it's somewhere in the middle. The Internet has changed lots from when SensePost was first started on the 14th February 2000. Our first year saw the infamous ILOVEYOU worm wreak havoc across the net, and we learned some, lessons on vulnerability disclosure, a year later we moved on to papers about "SQL insertion" and advanced trojans. And the research continues today.


We've published a few tools along the way, presented some (we think) cool ideas and were lucky enough to have spent the past decade training thousands of people in the art of hacking. Most importantly, we made some great friends in this community of ours. It has been a cool adventure, and indeed still very much is, for everyone who's has the pleasure of calling themselves a Plak'er. Ex-plakkers have gone on to do more great things and branch out into new spaces. Current Plakkers are still doing cool things too!


But reminiscing isn't complete without some pictures to remind you just how much hair some people had, and just how little some people's work habit's have changed. Not to mention the now questionable fashion.



Fast forward thirteen years, the offices are fancier and the plakkers have become easier on the eye, but the hacking is still as sweet.



As we move into our teenage years (or statesman ship depending on your view), we aren't standing still or slowing down. The team has grown; we now have ten different nationalities in the team, are capable of having a conversation in over 15 languages, and have developed incredible foos ball skills.


This week, we marked another special occasion for us at SensePost: the opening of our first London office in the trendy Hackney area (it has "hack" in it, and is down the road from Google, fancy eh?). We've been operating in the UK for some time, but decided to put down some roots with our growing clan this side of the pond.



And we still love our clients, they made us who we are, and still do. Last month alone, the team was in eight different countries doing what they do best.


But with all the change we are still the same SensePost at heart. Thank you for reminiscing with us on our birthday. Here's to another thirteen years of hacking stuff, having fun and making friends.

Thu, 8 Nov 2012

Charity Drive - Antarctica Expedition

\

Like many businesses we at SensePost are aware of how fortunate we are and and of the many around us who struggle to make ends meet day to day. We have a heart for our community and regularly supported charities and causes that touch us.

In South Africa its not hard to find causes to support, but one that's particularly close to my heart is the Little Lambs Christian Daycare in a township in Cape Town called 'Imizamo Yethu' (The People Have Gathered).

The Little Lambs Daycare provides Early Childhood Development services and care to the poor in the community of Imizamo Yethu. The daycare operates 5 days per week and 12 Staff members — also from the community — cater and provide a safe learning space for 200 children aged 1 to 6 while their parents can seek work in the nearby town. I've been involved with the daycare for many years now and so I use every opportunity to raise awareness and support for the important work its doing. One way to do that is through a hobby ... endurance running.

Over the last 4 years I've run across the hottest, driest and harshest deserts in the world, over 250km at a time and completely self-supported, as a competitor in the 4 Deserts rough-country endurance footrace series. A unique collection of world-class events that take place over 7 days and 250 kilometers in the largest and most forbidding deserts on the planet. In line with the competition's ethos I've tried to use the interest the races generate to help raise awareness and support for Little Lambs.

This year I face my greatest challenge - a 6 day, 250km self-supported foot race in Antartica. Sixty individuals representing nearly thirty countries are expected to compete in over terrain that will be largely snow (from a few centimeters to a meter deep) with temperatutes as low as -20 C.

I'm hoping to raise R 200 (about $ 20) for every kilometer I run - raising R 50,000 in total for this beautiful and important project.

So here's my shameless plug: If any of the grabs your attention, please consider helping out by learning more, spreading the word or making a donation.

I can't vouch for the security of the donations site. But if you're not comfortable to leave your CC details in there, please contact me and I'll give you details for a direct transfer. Please don't hack them though ... that's not what Jonny meant with 'I Hack Charities'.

Here are all the links:

1. Little Lambs - http://www.littlelambs.org.za/

2. The 'Help Lambs Run' Facebook page, where I post news and updates - http://www.facebook.com/HelpLambsRun

3. Racing the Planet - http://www.4deserts.com/thelastdesert/

4. Donations site (for donating, not hacking) - http://www.doit4charity.org.za/fundraising/Charl.van.der.Walt