Capabilities :: Exodus Intelligence

our capabilities

The Most Critical
Threats Don’t Have A CVE

We strive to ensure each and every capability we provide our customers are relevant,
reliable, and well documented. Find out more about what we offer and how we can
enable you to focus on what is truly important.

Contact us for an overview of our
capabilities and examples of how they have
been utilized by our customers.

We equip a wide range of customers

which are you?

Active Defense

Security stack validation is critical to successfully defending the enterprise. We can provide a wide range of exploit code to support those tasked with conducting red team exercises.
Enterprise Defense

By integrating our intelligence, vendors and organizations are able to provide pro-active protection against vulnerabilites we discover to their customers and end users.
Specialized

Often we receive requests that do not fall into our standard offerings. As we enjoy difficult problems, we work with our customers in these situations to produce innovative and trustworthy results.

Active Defense use cases

case 01

In early 2013, members of Facebook's Incident Response Team spoke at a security conference about their positive experience using zero-day exploits on their own (unaware) employees and systems in order to test their internal reactive procedures.

Simulating a realistic attack enabled Facebook to better understand and improve their ability to respond to a cyber attack.

Reference link: http://threatpost.com/how-facebo…
case 02

Syndis is Scandinavia’s leading provider of attack technology services. Their goal-oriented methodology uses zero-day exploits to more closely mimic both the techniques and capabilities employed by sophisticated threat actors.

This demonstrates to their clientele the threat a determined attacker poses, with measurable results and proven solutions for mitigation.

Reference link: http://www.vocativ.com/video/ic…
case 03

NSS Labs, Inc. is the recognized leader in independent security research and testing.

Determining the effectiveness of defensive security products requires a rigorous validation process using advanced real-world exploits.

The 0-day exploits Exodus Intelligence provides to NSS enables them to provide decision-makers with an accurate analysis of the security efficacy of leading defensive products.

Reference link: http://www.nsslabs.com/

defensive use cases

case 01

The well-known Nessus scanner from Tenable identifies hosts and their susceptibility to known vulnerabilities and misconfigurations.

By integrating zero-day intelligence from Exodus, premium users of Nessus are able to determine if their systems are currently vulnerable to discovered zero-day vulnerabilities.

Reference link: http://www.tenable.com/product…
case 02

An unnamed customer works with Exodus to keep apprised of zero-day vulnerabilities affecting SCADA systems.

They relay relevant details and mitigations through their early warning system, subscribed to by dozens of administrators of critical infrastructure sites.

Reference link: http://news.softpedia.com/news…
case 03

Fortinet utilizes vulnerability intelligence to deliver a combination of multi-layered security knowledge and provide true zero-day protection from new and emerging threats to their customers.

The zero-day intelligence provided by Exodus assists companies like Fortinet to ensure their customers are protected against the most pertinent threats.

Reference link: http://www.fortinet.com/sites/de…

specialized use cases

Case 01

The United States FBI has utilized zero-day exploits to assist in their Lawful Intercept efforts, specifically to deploy their Computer and Internet Protocol Address Verifier (CIPAV) software on target criminal's computers.

The FBI has been using the CIPAV since 2002 against hackers, online sexual predators, extortionists, and others, primarily to identify suspects who are disguising their location using proxy servers or anonymity services, like Tor.

Reference link http://www.wired.com/threatlevel/2013/09…
Case 02

Government defense department systems today face a broad and sophisticated cyber threat, with every application scanned and probed millions of times a day.

The cost-savings of third-party software and service providers, the interconnectivity of software systems, as well as the proliferation of Web services and cloud computing has increased the exposure of commercial off the shelf (COTS) software to the cyber threat.

Exodus' experience and expertise enables such agencies and organizations to secure their COTS applications, without the need for source code.

Copyright © 2023 Exodus Intelligence