Contact UsGet Early Access

Threat Analysis and Reconnaissance

Learn What Critical Networks and Devices Are Under Attack Right Now and Identify Attack Indicators, Network Sources, and Genesis of the Attackers

network nodes
faction - network

Faction Communications Corp. has partnered with the Mobile Intelligence Alliance, a US 501(c)(3) non-profit organization focused on reducing cyber threats to Internet users, to provide independent services on different levels of visibility into internet-exposed devices, including network details and metadata about the connected assets of an organization such as the OS and network services that are exposed and potentially vulnerable to attackers.

Various types of sophisticated, industry leading scanning and analysis tools are used to obtain the information needed to assess the risks of exposed assets to external attacks. Deeper inspection can then reveal active communications and potential attempts of potentially malicious nodes targeting your network, who is attacking, and a profile of the attacking network.

  • Single Review

    • Validated Security Findings
    • Fixed Price Security Assessment
    • Fast turn around available (72 hrs)
    • Clear results with recommended fixes
    • Custom Options Available

    From $5,000

    Get Started Now

  • Quarterly Review

    • Security Review performed Quarterly
    • Hassle Free Regular Assessments
    • Monitor Ongoing System Changes
    • Clear results with recommended fixes
    • Custom Options Available

    From $15,000

    Get Started Now

Our Team Leaders

Our Attack Surface Analysis and Reconnaissance team combines decades of experience, industry leading applications, and proprietary databases, tools and methodologies.

Gary Miller

Team Leader

Gary is a globally recognized cyber threat researcher at The Citizen Lab and founder of The Mobile Intelligence Alliance, a non-profit security research organization. Gary has been featured as a speaker and contributor in over 50 global news outlets, including Reuters, The Washington Post, and The Guardian.

He is credited with reporting foreign cyber attacks targeting high-risk military, government, and civilian victims. He has also been a digital privacy and security whistleblower for US congress and the United Nations, and has worked with agencies including the FBI, DoD, and the UK’s National Cyber Security Centre.

Dave Rand

Technical Advisor

Dave Rand is the Co-founder, CEO & Chief Technologist of Faction Communications.    Dave is a Silicon Valley technologist, serial entrepreneur, CEO and CTO with a 30 year track record of successful products and patents spanning networking, privacy and cybersecurity.  

After retiring as CTO and Technical Fellow of Trend Micro in 2018, Dave retained an active role in the indusry as a go-to White Hat Hacker and consultant.  

Dave advises and consults with the Mobile Intelligence Alliance on the tools and methodologies used in our partnership.
Dave-Rand

Our Tools and Methodolgies

Frequently Asked Questions

  • What are the typical targets of the assessment service?

    The assessment locates connected devices that host network services and run various applications accessible from the internet, such as:

    • Web hosts, including private web servers
    • Virtual hosts, such as virtual servers (both IP-based and name-based)
    • Cloud storage servers
    • Private VPN’s
    • Firewalls
    • Wireless Access Points
    • Internet connected devices, such as web security cameras, sensors, healthcare devices, manufacturing equipment, and other smart and dumb devices.

    You can specify individual IP addresses, network ranges, and include your domains for the assessment. However, for large and highly distributed deployments such as remote sensor or industrial processing networks, you should contact us to discuss customized options.

  • Who uses these Services?

    Organizations of all sizes in many industries are concerned with understanding and mitigating vulnerabilities to internet-based attacks. Not all organizations face the same threats, and the nature and targets of threats are constantly changing.  Our services are designed to address the needs of many industry verticals.

    Our Industry Exposure Reports are for organizations that want to get a current picture of the exposed hosts using applications and services in their industry vertical, and where they should focus their attention to formulate defences.  This report is available to any organization worldwide.

    Our Threat and Vulnerability Assessment services are popular with anyone who wants to understand the exposure and vulnerabilities in the security postureof their specific organization with regard to internet exposed networks, devices and data. Currently, these services are restricted to organizations in North America[GM1] , which can vary from small business to large enterprises.

    Our Threat Analysis and Reconnaissance services are for organizations that have reason to believe that they may be under current or imminent attack. Typically, this is due to a specific cause for concern, such as:

    • Warnings or alerts from the media, cybersecurity and/or law enforcement agencies relevant to your industry vertical or organization;
    • Poor network performance or unusual behavior from IT equipment and concerning computer activity observed by staff;
    • Amplified alerts from virus monitoring tools, increased volume of phishing emails, and application or computer lockups;
    • Concerns of active threats resulting from an initial Industry Exposure Report;
    • Discovery of specific vulnerabilities resulting from a Threat and Vulnerability Assessment.

     [GM1]Why is this restricted to organizations in North America?

  • Can I get an assessment against client systems?

    Of course! Agencies and consultants can use this service to perform security reviews of sites they are handing over or working on. A value added service for your web projects or managed services.

  • Why is there a minimum fee for a Threat and Vulnerability Assessment?

    We use various security tools to provide actionable information to our clients. Due to the highly sensitive nature of the reporting outputs, we use payment as part of the identification, verification, and screening process to prevent abuse. You must be the owner or operator of the system or have explicit authorization for us to conduct a vulnerability security assessment on behalf of your organization.

    Conducting a vulnerability assessment takes time and resources to address in a professional and thorough manner while providing rapid response. Please fill out our registration form to schedule a consultation to determine if your organization qualifies for any special programs.

  • Can our integrations with 3rd party vendor equipment be included?

    Yes, if you have systems installed or integrated with 3rd party vendors, let us know and we can include them in our scans and analysis.

  • What does the Threat and Vulnerability Assessment Include?

    1. We provide an inventory report of exposed host IP addresses, open services on those hosts, assets at a particularly high risk of adversary exploitation, and potential vulnerabilities of those hosts in the context of an organization’s network security posture.
    2. Recommendations on steps for mitigation or remediation, if further investigation is warranted, and key focal points.

  • What does the Threat Analysis and Reconnaissance package include?

    1. Report. We compile a report after conducting an analysis of the results from the active and passive security tools. Sections include an overall summary of the results, including vulnerabilities found, a list of discovered vulnerabilities with recommended remediation steps, and an inventory of exposed assets in an appendix that contains the raw results and screenshots from the tools that used during the assessment.
    2. Presentation & Consultation. We conclude with a 1 hour working consultation to walk through the results, answer any questions, and ensure that you have actionable findings.
    3. Next Steps and Follow Ups. If necessary, we can schedule additional periodic analysis and reconnaissance of your network or refer you to managed security or forensic professionals based on the results. (These are optional and would depend on your choice of follow-on actions and expertise required to address any identified attacks or compromise).

  • What % of these fees does Faction Communications get?

    The Mobile Intelligence Alliance, a non-profit 503(c)3 corporation, provides all of the professional services and analysis and keeps 75% of the fees. Faction Communication Corp. keeps 25% of the fees to cover the following:

    1. e-commerce and other processing costs;
    2. scheduling and management of customer engagements;
    3. proprietary tools, databases and expertise that we provide in delivery of these services.

    Our partnership with Mobile Intelligence Alliance is based on our shared goal to help average users and small to mid-sized businesses to increase their understanding and awareness of the many threats to their security and privacy, and enable them to do something about it.

    Faction Communications is open to and engaged in discussion with other partners in this area. Professional services is not a long term component of our business model, which is focused on our SaaS platform, applications and solutions.

  • Will Faction partner with other organizations for attack surface assessments and threat analysis?

    Certainly! However, this area has many different tools, consultants and contractors, which makes it very challenging and complex for the average small to mid-sized business user to sort out the wheat from the chaff.

    Or in some cases, it can be far worse. When it comes to VPNs – and cybersecurity tools – there are actually very large numbers of apps which are malware created by both criminal gangs and hostile state actors.

    Therefore, Faction will go through a careful vetting process of any organizations that we recommend and/or partner with, and certainly expects the same in return! There is nothing more important to us then the security and privacy of our customers and users.