Our Past Projects

Incident Response

Our certified team handled cybersecurity incidents (Ransomware, APT, Insider Attack) for different industries, from manufacturing company, marketing agency to prominent public sector entity. While specific details remain confidential due to non-disclosure agreements, we leveraged our expertise to successfully contain, analyze, and rectify the situation, ensuring the continued trust and operational security of our client. We recently leverage VirusTotal enterprise to extend our threat intelligence capability to detect further threats and make attribution.

Security Consultancy for a Software Vendor

Our team has been entrusted to deliver an end-to-end security consultancy service for a software vendor specializing in game development. Our comprehensive suite of services spanned incident response, advanced penetration testing, in-depth security assessments, meticulous policy reviews, and strategic project advisories. Moreover, leveraging the capabilities of Splunk, we also provided real-time security monitoring, ensuring a robust defense mechanism against potential threats and safeguarding the integrity of the vendor's digital assets. We recently leverage VirusTotal enterprise to extend our threat intelligence capability to detect further threats and make attribution.


Red Team Testing

Our team has had the privilege of conducting red team testing for one of Asia's most prestigious financial corporation in Hong Kong. Red teaming is an adversarial approach where we simulate a full-scale cyber attack on an organization to assess its overall security posture and evaluate its detection and response capabilities.

This particular engagement tested every facet of the organization's defenses, from its electronic trading systems to its backend databases and even the human elements through social engineering techniques. Our comprehensive assessment provided the client with invaluable insights into potential vulnerabilities, helping them understand real-world attack scenarios and bolster their security measures accordingly.

Vulnerability Assessment and Penetration Test

Our team has been entrusted to carry out in-depth penetration testing and vulnerability assessments for some of Hong Kong's most distinguished organizations spanning multiple sectors (Charity, Sports, Insurance, Financial Corporations, NGOs). Through penetration testing, we simulate real-world cyber attacks to uncover weaknesses in an organization's IT infrastructure, applications, and operational procedures. This methodical approach tests the robustness of their defense mechanisms under realistic threat scenarios.

Complementing this, our vulnerability assessments meticulously scan and evaluate the organization's systems to identify potential security flaws. Rather than exploiting these vulnerabilities, as we would in penetration tests, the assessment focuses on cataloging and prioritizing them based on potential impact and likelihood of exploitation.

Cybersecurity Training

Our team offers an all-encompassing cybersecurity training suite tailored for diverse professional needs. Highlights include:

Incident Handling: Trainees master swift threat identification, containment, and mitigation, minimizing potential breaches.
Red vs. Blue Team Testing: Real-world cyber warfare simulations are used to hone both offensive and defensive cyber strategies.
Web Hacking Techniques: Covering prevalent web vulnerabilities such as SQL injection and XSS, the curriculum emphasizes practical exploitation and robust defense.
Advanced Exploitation: Participants delve into sophisticated techniques of crafting payloads and ethically bypassing security protocols.
Cybersecurity Awareness Training: A crucial component, it focuses on enhancing organizational culture, teaching staff to recognize threats, and instilling best practices for daily operations.

With our methodical approach, we ensure participants are equipped to address the multifaceted cybersecurity challenges of today's digital landscape.