Together. Secure. Today.
Digital security delivered by professionals with a wealth of experience.
We bring a combination of offensive and defensive security together to provide you the highest quality of service and insights.
Our services
We offer multiple connected services
Red teaming
Simulating an advanced adversarial attack on your organization tests your defensive measures, including detection and response capabilities. The objective of a red teaming exercise is validating your assumptions and enabling you to take the next steps in increasing your cyber security maturity.
What we do:
- TIBER exercises in line with the TIBER-EU or local TIBER framework.
- Red teaming exercises based on jointly selected scenarios and objectives.
- Attack simulations via remote IT infrastructure, physical entry or assumed breach scenarios.
Purple teaming
Building a solid cyber defense works best if offense and defense join forces. Our collaborative purple teaming sessions replay attacks, stimulate knowledge transfer between offensive and defensive experts and engage your team in pragmatic, creative enhancements of your detection logic.
What we do:
- Facilitating a defensive capability workshop to kickstart the exercises, and to gain more insight in your current detective capabilities, before putting them to the test.
- Purple teaming exercises to perform Tactics, Techniques and Procedures (TTPs) real-life adversaries use during a cyber attack.
- Acceleration of the learning effects of your defensive team by including FalconForce defensive professionals.
Purple teaming
Building a solid cyber defense works best if offense and defense join forces. Our collaborative purple teaming sessions replay attacks, stimulate knowledge transfer between offensive and defensive experts and engage your team in pragmatic, creative enhancements of your detection logic.
What we do:
- Facilitating a defensive capability workshop to kickstart the exercises, and to gain more insight in your current detective capabilities, before putting them to the test.
- Purple teaming exercises to perform Tactics, Techniques and Procedures (TTPs) real-life adversaries use during a cyber attack.
- Acceleration of the learning effects of your defensive team by including FalconForce defensive professionals.
Blue teaming
As the security monitoring team, your business trusts you with the protection of their crown jewels. They expect you to be able to detect advanced threat actors timely and mitigate whatever threats they pose. This is a rat race and catching the threat actors in complex IT environments with ever-changing assets is …. challenging. The key to success here is largely based on having advanced detections implemented. We offer a way to save your team valuable time and provide you access to our continuously increasing repository of advanced detection content.
What we do:
- Provide you with a steady stream of custom, advanced detections based on our ongoing defensive R&D and red teaming insights.
- Consultancy on various threat detection topics, such as threat hunting, pipeline and deployment automation, detection testing and BloodHound integration.
Training
At FalconForce, we strive to share our expertise and help you reach the zenith of your learning journey. Our team members regularly present at conferences, while they have also created immersive, instructor-led trainings that guarantee a comprehensive learning experience!
What we do:
- Our training is highly interactive and retains a good balance between theory and a lot of hands-on exercises for the students to get used to the detection engineering methodology. A perfect preparation to start implementing this at your organizations.
- The intended audience is medior-level detection engineers, SOC analysts, threat hunters and red teamers.
- We offer our training in a 4-day version, with theory, discussion and lots of hands-on exercises.
Training
At FalconForce, we strive to share our expertise and help you reach the zenith of your learning journey. Our team members regularly present at conferences, while they have also created immersive, instructor-led trainings that guarantee a comprehensive learning experience!
What we do:
- Our training is highly interactive and retains a good balance between theory and a lot of hands-on exercises for the students to get used to the detection engineering methodology. A perfect preparation to start implementing this at your organizations.
- The intended audience is medior-level detection engineers, SOC analysts, threat hunters and red teamers.
- We offer our training in a 4-day version, with theory, discussion and lots of hands-on exercises.
About us
Trust and integrity are paramount in digital security services. Each individual Falcon has a strong track-record working in offensive or defensive security in sensitive environments.
Our clients
Trusted by leading organizations around the world
Knowledge center
Latest articles
Azure DevOops 0x01 – It is not my machines, it is your code!
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Automating enumeration of missing reply URLs in Azure multitenant apps
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
FalconFriday — Detecting MMC abuse using GrimResource with MDE— 0xFF24
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Arbitrary 1-click Azure tenant takeover via MS application
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
SOAPHound — tool to collect Active Directory data via ADWS
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Azure DevOops 0x01 – It is not my machines, it is your code!
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Automating enumeration of missing reply URLs in Azure multitenant apps
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
FalconFriday — Detecting MMC abuse using GrimResource with MDE— 0xFF24
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Arbitrary 1-click Azure tenant takeover via MS application
[dsm_breadcrumbs show_home_icon="off" separator_icon="K||divi||400" admin_label="Supreme Breadcrumbs" _builder_version="4.18.0" _module_preset="default" items_font="||||||||" items_text_color="rgba(255,255,255,0.6)" custom_css_main_element="color:...
Together. Secure. Today.
Stay in the loop and sign up to our newsletter
FalconForce realizes ambitions by working closely with its customers in a methodical manner, improving their security in the digital domain.
Energieweg 3
3542 DZ Utrecht
The Netherlands
FalconForce B.V.
[email protected]
(+31) 85 044 93 34
KVK 76682307
BTW NL860745314B01