EXPERT ANALYSIS ON
THE LATEST THREATS

Cybereason has brought the world’s brightest minds from the military, government intelligence, and enterprise security to uncover emerging threats across the globe.

 

"We know if something is too complex for us to analyze, we can escalate it to the Nocturnus team - they’ve got the expertise to help us."

VISIBILITY_HUNTING_CR_ICONS-13

WHAT WE DO

 
ACTIONABLE SECURITY RESEARCH
The Nocturnus Team uncovers malicious operations, new attack methodologies and exploitable vulnerabilities so defenders can be prepared.
 
PROACTIVE THREAT HUNTING
The Nocturnus Team continuously monitors the globe to find new malicious activity and reveal attacks that would have otherwise gone undetected.
 
ENABLING SECURITY OPERATIONS
The Nocturnus Team is uniquely positioned to ensure defenders are always receiving best-in-class intelligence and 24 X 7 customer support.
 
HOLISTIC INCIDENT RESPONSE
The Incident Response Team provides expertise through all stages of the response lifecycle from preparation to assessment and remediation.

Team Nocturnus

Assaf Dahan
 

X

Assaf Dahan

Assaf has over 15 years in the InfoSec industry. He started his career in the Israeli Military 8200 Cybersecurity unit where he developed extensive experience in offensive security. Later in his career he led Red Teams, developed penetration testing methodologies, and specialized in malware analysis and reverse engineering.

Amit Serper
 

X

Amit Serper

Amit began his security career at an Israeli government intelligence agency. He specializes in low-level, vulnerability, exploit and kernel research, malware analysis, and reverse engineering. He has extensive experience researching large-scale network attacks and undocumented OS resources.

Mor Levi
 

X

Mor Levi

Mor Levi has over 8 years of experience in cyber investigations, incident response, and SIEM/SOC management. She began her career as a team leader in the Israeli Defense Force security operation center. Later, she led an incident response and forensics team at one of the big four accounting firms providing services to global organizations.

Vlad Ogranovich
 

X

Vlad Ogranovich

Vlad has been in the industry for 10 years, establishing SOCs and incident response teams, as well as providing large-scale incident response, digital forensics, threat intelligence, and malware analysis for large organizations. Today, Vlad leads the Advanced Services team in Japan's SOC which provides professional services such as IR, malware analysis, and hunting engagements.

Peter Ortiz
 

X

Peter Ortiz

Peter has over a decade of cybersecurity experience as a network security engineer, forensicator, threat hunter, and incident responder. He’s worked for a Fortune 100 Oil & Gas Company as well as several security managed service providers offering services to thousands of customers.

Danielle Wood
 

X

Danielle Wood

Danielle has been in the technology industry for 30+ years. During the last 14 years, she has provided forensics and incident response support for US Federal and state organizations and as well as Fortune and Global 100 companies.

Niv Yona
 

X

Niv Yona

Niv, Threat Hunting & Research Lead, began his career as a team leader in the security operations center in the Israeli Air Force, where he focused on incident response, forensics, and malware analysis. At Cybereason, Niv focuses on threat research that directly enhances product detections and the Nocturnus hunting playbook.

Lior Rochberger
 

X

Lior Rochberger

Lior is a senior threat researcher at Cybereason, focusing on threat hunting and malware research. Lior began her career as a team leader in the security operations center in the Israeli Air Force, where she mostly focused on incident response and malware analysis.

Daniel Frank
 

X

Daniel Frank

Daniel Frank is a senior Malware Researcher at Cybereason. Prior to Cybereason, Frank was a Malware Researcher in F5 Networks and RSA Security. His core roles as a Malware Researcher include researching emerging threats, reverse-engineering malware and developing security-driven code. Frank has a BSc degree in information systems.

Recent Research

Research

NEW TRICKBOT MALWARE VARIANTS

TrickBot gang operations featuring more new variants of the Bazar Loader.

Read the Research

Research

VALAK MALWARE TARGETS ENTERPRISES

Valak Malware steals enterprise passwords along with the digital certificate.

Read the Research

Research

MULTI-STAGE RANSOMWARE

Nocturnus has investigated multiple instances of ransomware attacks against large critical infrastructure providers.

Read the Research

LEARN MORE ABOUT NOCTURNUS RESEARCH

TALK TO A DEFENDER