We know if something is too complex for us to analyze, we can escalate it to the Nocturnus team - they’ve got the expertise to help us.
In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. This multi-wave attack focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network.
Read About the Attack
We find the latest threats so you don't have to. The Nocturnus team actively seeks out new attack methodologies and system vulnerabilities, so you can make sure your system is prepared for the most recent threats.
The Nocturnus hunting team continuously monitors threats across the globe to proactively seek out malicious activity and identify security gaps within our customers’ environments. Through hunting engagements, the team has unearthed numerous targeted attacks, APTs, and sophisticated malware that would have otherwise gone unnoticed.
The Nocturnus security operations center is globally operated with offices in the U.S., Japan, and Israel to provide 24 X 7 customer support. The team is uniquely positioned to provide rapid incident resolution and to ensure clients are always receiving best-in-class protection.
The Nocturnus incident response team provides experience and technical expertise to our customers through all stages of the incident response lifecycle. From preparation, to proactive assessment and response - we sit at the tip of your spear in the fight against advanced threats.
Assaf has over 15 years in the InfoSec industry. He started his career in the Israeli Military 8200 Cybersecurity unit where he developed extensive experience in offensive security. Later in his career he led Red Teams, developed penetration testing methodologies, and specialized in malware analysis and reverse engineering.
Amit began his security career at an Israeli government intelligence agency. He specializes in low-level, vulnerability, exploit and kernel research, malware analysis, and reverse engineering. He has extensive experience researching large-scale network attacks and undocumented OS resources.
Mor Levi has over 8 years of experience in cyber investigations, incident response, and SIEM/SOC management. She began her career as a team leader in the Israeli Defense Force security operation center. Later, she led an incident response and forensics team at one of the big four accounting firms providing services to global organizations.
Vlad has been in the industry for 10 years, establishing SOCs and incident response teams, as well as providing large-scale incident response, digital forensics, threat intelligence, and malware analysis for large organizations. Today, Vlad leads the Advanced Services team in Japan's SOC which provides professional services such as IR, malware analysis, and hunting engagements.
Peter has over a decade of cybersecurity experience as a network security engineer, forensicator, threat hunter, and incident responder. He’s worked for a Fortune 100 Oil & Gas Company as well as several security managed service providers offering services to thousands of customers.
Danielle has been in the technology industry for 30+ years. During the last 14 years, she has provided forensics and incident response support for US Federal and state organizations and as well as Fortune and Global 100 companies.
Niv, Threat Hunting & Research Lead, began his career as a team leader in the security operations center in the Israeli Air Force, where he focused on incident response, forensics, and malware analysis. At Cybereason, Niv focuses on threat research that directly enhances product detections and the Nocturnus hunting playbook.
Lior is a senior threat researcher at Cybereason, focusing on threat hunting and malware research. Lior began her career as a team leader in the security operations center in the Israeli Air Force, where she mostly focused on incident response and malware analysis.
Daniel Frank is a senior Malware Researcher at Cybereason. Prior to Cybereason, Frank was a Malware Researcher in F5 Networks and RSA Security. His core roles as a Malware Researcher include researching emerging threats, reverse-engineering malware and developing security-driven code. Frank has a BSc degree in information systems.
JUSTIN METALLO, CISO, BEAM SUNTORY