<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">


Security Research

The Nocturnus security research team specializes in discovering new attack methodologies, reverse-engineering malware, and exposing new system vulnerabilities. Team Nocturnus was the first to discover a vaccination for two of the largest cyber attacks of 2017-- NotPetya and Bad Rabbit.



The Nocturnus hunting team continuously monitors threats across the globe to proactively seek out malicious activity and identify security gaps within our customers’ environments. Through hunting engagements, the team has unearthed numerous targeted attacks, APTs, and sophisticated malware that would have otherwise gone unnoticed.

Security Operations

The Nocturnus security operations center is globally operated with offices in the U.S., Japan, and Israel to provide 24 X 7 customer support. The team is uniquely positioned to provide rapid incident resolution and to ensure clients are always receiving best-in-class protection.


Incident Response

The Nocturnus Incident Response team provides experience and technical expertise to our customers through all stages of the incident response lifecycle. From preparation, to proactive assessment and response - we sit at the tip of your spear in the fight against advanced threats.


Learn More



The Wannamine cryptominer, which uses the EternalBlue exploits, is still active although a patch that fixes these well-known vulnerabilities was released last March. Amit Serper, Cybereason's head of security research, examines this variant and makes the case for patching your systems.

Read More

The Wannamine cryptominer, which uses the EternalBlue exploits, is ...

Read More

We know if something is too complex for us to analyze, we can escalate it to the Nocturnus team - they’ve got the expertise to help us.

CTO, Health Care Services Organization


Danielle Wood

Danielle has been in the technology industry for 30+ years. During the last 14 years, she has provided forensics and incident response support for US Federal and state organizations and as well as Fortune and Global 100 companies.

Assaf Dahan

Assaf has over 15 years in the InfoSec industry. He started his career in the Israeli Military 8200 Cybersecurity unit where he developed extensive experience in offensive security. Later in his career he led Red Teams, developed penetration testing methodologies, and specialized in malware analysis and reverse engineering.

Peter Ortiz

Peter has over a decade of cybersecurity experience as a network security engineer, forensicator, threat hunter, and incident responder. He’s worked for a Fortune 100 Oil & Gas Company as well as several security managed service providers offering services to thousands of customers.

Amit Serper

Amit began his security career at an Israeli government intelligence agency. He specializes in low-level, vulnerability, exploit and kernel research, malware analysis, and reverse engineering. He has extensive experience researching large-scale network attacks and undocumented OS resources. 

Mor Levi

Mor Levi has over 8 years of experience in cyber investigations, incident response, and SIEM/SOC management. She began her career as a team leader in the Israeli Defense Force security operation center. Later, she led an incident response and forensics team at one of the big four accounting firms providing services to global organizations.

Niv Yona

Niv, Threat Hunting & Research Lead, began his career as a team leader in the security operations center in the Israeli Air Force, where he focused on incident response, forensics, and malware analysis. At Cybereason, Niv focuses on threat research that directly enhances product detections and the Nocturnus hunting playbook.

Vlad Ogranovich

Vlad has been in the industry for 10 years, establishing SOCs and incident response teams, as well as providing large-scale incident response, digital forensics, threat intelligence, and malware analysis for large organizations. Today, Vlad leads the Advanced Services team in Japan's SOC which provides professional services such as IR, malware analysis, and hunting engagements.

There are world-renowned researchers working at Cybereason who I can reach out to to discuss the latest threats.

Justin Metallo, CISO, Beam Suntory