Sign InAuthor
QOMPLX Staff
Tysons, Virginia
Written by QOMPLX Staff
Authenticate 2022
October 17 - 19, 2022
FS-ISAC European Summit
September 13 - 14, 2022
Gartner Identity & Access Management Summit
August 22 – 24, 2022
BLACK HAT USA 2022
August 6 - 11, 2022
Identiverse Denver
June 21 - 24, 2022
RSA Conference San Francisco
June 6 - 9, 2022
Data Connectors NYC
June 1 - 2, 2022
Data Connectors Seattle
May 18 - 19, 2022
Commercial Lines Innovation USA
May 9 - 11, 2022
DCSync and Silver Ticket Attack Detection
DCSync and Silver Ticket Attack Detection
About QOMPLX
Managed Assurance Data Sheet
Scan, monitor, and respond in real-time with unmatched expertise from QOMPLX
MDR Data Sheet
Real-time detections & response
Identity Assurance Data Sheet
Protect critical data on-premise and in the cloud
Professional Services Data Sheet
Customized cyber assessments and expert guidance
Solving cybersecurity when an SOC isn’t in the budget
Small businesses are frequent targets of ransomware attacks but often do not have the resources or expertise to staff a security operations center.
Cybersecurity from a hacker’s perspective
Turning the data you have into the data you want
Having data is no great challenge. Most insurance companies have plenty, and while they could perhaps use more–most could–it needs to be usable otherwise it serves no value.
Attack surface risk signals: IP reputation
IP reputation should be tracked consistently. Connections to known malicious infrastructure on the Internet is a clear indicator of risk.
Attack surface risk signals: DMARC and SPF records
DMARC and SPF records are a key to protecting domain integrity and preventing phishing attacks and spam campaigns from leveraging your good name.
MDR Services Capabilities
QOMPLX Managed Detection and Response (MDR) service offers a tailored and collaborative approach for security through detection, investigation, prioritized alerting, response, and reporting according to your business needs.
Attack surface risk signals: TLS/SSL configuration
TLS (Transport Layer Security)/SSL (Secure Sockets Layer) certificates play a critical role in securing enterprise communications. They are frequently targeted by sophisticated adversaries.
Attack surface risk signals: DNS records
The Domain Name System (DNS) is a foundational technology of the modern Internet and World Wide Web. DNS monitoring is critical for the security of your organization and external users.
Identify and Fight the Phish #CyberMonth
Phishing attacks are an easy way for a bad actor to gain access to a network. Once inside, they can cause devastating losses.
Offensive Security Service Data Sheet
QOMPLX’s Offensive Security Service provides a tailored customer experience with white glove service. Our fundamental belief is that offensive engagements are better when there is a spirit of collaboration toward the goal of true security for the client.
Offensive Security Service Tech Spec
QOMPLX’s Offensive Security Service provides a tailored customer experience with white glove service. Our fundamental belief is that offensive engagements are better when there is a spirit of collaboration toward the goal of true security for the client.
How much automation?
Automation of underwriting decisions has a very tangible benefit - cost savings. When rules are automated and decisions are made based on reliable supporting data, underwriters can focus on the outliers and make the most of their precious time.
In response to the ransomware scourge, QOMPLX offers free trial of its powerful attack surface management tool
Q:SCAN sees your security posture the way an attacker would, assigns a risk score, and gives you the information you need to close vulnerability gaps.
Make your enterprise a boring target to attackers. Sign up for a free trial of Q:SCAN
Responding to the rise in ransomware attacks, QOMPLX releases a free 30-day trial of Q:SCAN, its SaaS-based perimeter cyber scanning solution.
The Data Analytics Report: Q&A with Alastair Speare-Cole
In this interview, Alastair Speare-Cole discusses overcoming the problems within the insurance value chain and more.
QOMPLX Knowledge: OverPass The Hash Attacks
OverPass The Hash (OPtH) is a form of credential theft- and reuse attack that is one of the most common methods of lateral movement within compromised IT environments.
QOMPLX CEO Jason Crabtree Wins Ernst & Young Entrepreneur Of The Year® 2021 Mid-Atlantic Award
Jason Crabtree was recognized with the Ernst & Young Entrepreneur Of The Year® 2021 Mid-Atlantic Award for his leadership of QOMPLX’s rapid growth, innovative cybersecurity and risk analytics products, and commitment to values.
Punkspider & SpiderFoot Join Forces
QOMPLX Collaborates with Widely Used OSINT Tool SpiderFoot to Expand Availability of Punkspider
Punkspider is Pioneering Responsible Disclosure at Internet Scale
Creating value through insurance data infrastructure
Interoperable solutions backed by a flexible data fabric are the key to digital transformation and multi-system interoperability. In the blog series “Creating Value Through Insurance Data Infrastructure”, we will explore the problems, decisions, and solutions to this challenge.
From Data to Intelligence: Systems Alchemy for the Insurance Sector
Major amounts of data live within insurance carriers but the challenge lies in getting it out in useful form. Learn how to extract the value from data without the need to replace your existing systems, spend thousands of hours coding or rekeying data, or commit millions to a new data architecture.
QOMPLX Knowledge: Skeleton Key Attack Detection
So-called “skeleton key” passwords are a common means of gaining administrative access to your domain controller. We talk about this common method of privilege escalation.
QOMPLX Releases the Arkscrape Community Edition: open source internet archiving for investigators and researchers
QOMPLX’s Arkscrape tool easily archives web pages, making it ideal for research and investigations in complex cases such as human trafficking by journalists, academics, law enforcement, and other researchers.
QOMPLX Reboots Punkspider
Internet-Scale Vulnerability Scanning is Back!
Crawler to the People! Punkspider Returns With Eyes On OWASP Top 10
The popular Punkspider web vulnerability scanning tool is returning with bigger scale, broader reach and coverage of attacks in the OWASP Top 10.
Punkspider Data Sheet
QOMPLX relaunches the world’s largest web vulnerability scanner. Our new Punkspider browser extension employs massive scanning capabilities and proprietary tools to assess websites and guide user activity across the entire Internet.
Intelligent Due Diligence Tech Spec
QOMPLX’s Intelligent Due Diligence helps you avoid buying a lemon. Similar to a building inspector, our OSINT team helps you uncover issues you could otherwise miss.
Congress Needs To Get Over Corporate Ransom Payments
The question of whether- and when to pay a ransom is a distraction for lawmakers. A better question: how to increase the accountability of both criminal gangs and their victims.
Intelligent Due Diligence Data Sheet
QOMPLX’s Intelligent Due Diligence helps you avoid buying a lemon. Similar to a building inspector, our OSINT team helps you uncover issues you could otherwise miss.
BLOOMBERG RADIO Jason Crabtree Interviewed by Paul Sweeney and Matt Miller
Jason Crabtree, Co-Founder and CEO of QOMPLX, discusses ransomware protection, and the company's upcoming listing on the New York Stock Exchange. Hosted by Paul Sweeney and Matt Miller.
QOMPLX Knowledge: Detecting Pass-the-Hash Attacks
Pass the Hash is a common post-exploitation attack. This post discusses how QOMPLX Identity Assurance detect PtH attacks.
Moving Data Operations Beyond Data Lakes & Lakehouses
Q:OS delivers the right persistence layer through its Data Fabric, for the appropriate data model and simplifies the operational complexity of ingesting, transforming, normalizing, and schematizing data for businesses to quickly make intelligent decisions.
QOMPLX Knowledge: Honey Account Logins and Ticket Requests
Major amounts of data live within insurance carriers but the challenge lies in getting it out in useful form. Learn how to extract the value from data without the need to replace your existing systems, spend thousands of hours coding or rekeying data, or commit millions to a new data architecture.
QOMPLX Intelligence: Countering Opponent Strategy in StarCraft
In the latest installment of our QOMPLX Intelligence series on learning from the real-time strategy (RTS) game StarCraft, we analyze different approaches to countering opponent strategies.
QOMPLX Knowledge: Detecting Service Installed on Sensitive Systems
Tracking instances of Windows Event ID 7045 (a new service was installed) is critical for capturing new service creation, which may indicate that malicious commands or payloads are being run on the system.
QOMPLX Continues Global Expansion with Australian Catastrophe Risk Modeling Partnership
QOMPLX Continues Global Expansion with Australian Catastrophe Risk Modeling Partnership
QOMPLX:CYBER Engineering Services Case Study
QOMPLX use case on CMMC Pre-Assessment for cybersecurity readiness.
Fathom and QOMPLX partner to bring flood models to Q:HELM
Q:HELM provides a variety of models and data in a one-stop shop that can be selected in a bespoke manner and used for critical decision-making around risk.
Featured in "The Times of London" - CEO Crabtree Discusses Fighting Fraud in Ransomware Summer
QOMPLX CEO Jason Crabtree was recently featured in The Times of London on how to fight fraud as ransomware summer continues.
SALT - Jason Crabtree on Ransomware Summer
QOMPLX CEO Jason Crabtree was interviewed by SALT, where he discusses Ransomware Summer
Ransomware Case Studies
QOMPLX case studies on fighting ransomware by verticals: lP legal firm, financial services, manufacturing, physical security
QOMPLX Celebrates More than 50 years of Pride
QOMPLX joins its LGBTQIA+ employees, their families, and the community around the globe in marking the end of a Pride month, 50 years after Stonewall.
QOMPLX Celebrates the 155TH Juneteenth
QOMPLX joins its employees, their families, and their communities marking the 155th Juneteenth, and a historic one at that.
QOMPLX Knowledge: Detecting ASREP Roasting Attacks
QOMPLX Knowledge: Detecting ASREP Roasting Attacks
QOMPLX Expands “Privilege Assurance: Graph View” Visualizing Your Vulnerabilities and Enabling Rapid Response
See your Active Directory the way a hacker does — before you become a target
CNN Newsource - Jason Crabtree on JBS Ransomware Attack
QOMPLX CEO Jason Crabtree was interviewed by CNN Newsource, where he discussed the JBS Ransomware Attack.
Newsy - Jason Crabtree on JBS Ransomware Attack
QOMPLX CEO Jason Crabtree was interviewed by Newsy, where he discussed the JBS Ransomware Attack.
QOMPLX Detections: Reference
QOMPLX Detections provides essential information on the methods that our technology uses to identify suspicious and malicious activity within your environment.
QOMPLX Welcomes Carol DiBattiste as General Counsel
She Brings Extraordinary Senior Executive Experience Spanning the Public and Private Sectors.
QOMPLX:CYBER Fine Art Case Study
QOMPLX use case on data aggregation.
LIVE on FoxNews - Jason Crabtree Analyzes JBS Ransomware Attack
QOMPLX CEO Jason Crabtree Interview on FoxNews breaks down the JBS ransomware cyber attack how to improve detection, response, and resilience
QOMPLX Knowledge
QOMPLX Knowledge is an on-going series that provides vital information and insights about critical cyber security concepts that inform our work and that information security professionals need to master.
Building Momentum with a Data Standards Library
Inconsistent data standards are plaguing the insurance industry. QOMPLX is contributing with the launch of a community data standards library ReQoncile.io.
Q:CYBER for OT
QOMPLX's Q:CYBER for OT helps you secure critical infrastructure by helping to create a full asset inventory of your technology environment and by ingesting, analyzing, and auditing all of your data.
QOMPLX:CYBER Hedge Fund Case Study
QOMPLX use case on critical infrastructure protection.
Biden Executive Order on Cyber Is a Step in the Right Direction
Biden’s executive order moves us in the right direction, and contains the seeds of global standards-setting that benefits both government and business.
QOMPLX Knowledge: Detecting Suspicious Use of Regsvr32
In this post, we take a look at how QOMPLX’s technology helps customers spot patterns of behavior that may indicate malicious use of Regsvr32.
QOMPLX Knowledge: Detecting Use of Built-In Windows Utilities
A range of administrative utilities are commonly deployed by malicious actors including whoami, ipconfig and more. In this post, we’re taking a look at how QOMPLX’s technology helps customers to spot patterns of behavior that may indicate malicious use of built-in Windows utilities.
QOMPLX Knowledge: Understanding Golden SAML Forgery Attacks
Golden SAML attacks on ADFS figured in the SolarWinds incident. This blog post talks about how to identify and stop them.
New QOMPLX Real-Time Cloud Identity Forgery Detections Restore Trust in Cloud Authentication
QOMPLX announced the extension of its Identity Assurance analytics solution to automatically detect identity-based attacks on cloud service providers.
QOMPLX:CYBER Asset Management Case Study
QOMPLX use case on asset management.
Identity Assurance for Active Directory Tech Spec
QOMPLX’s Identity Assurance solution disrupts cyber attacks by detecting the techniques common to all large-scale breaches: credential forgery and privilege escalation.
Identity Assurance Data Sheet
QOMPLX’s Identity Assurance solution disrupts attacks by detecting the techniques common to all large-scale breaches: credential forgery and privilege escalation.
QOMPLX:CYBER Retail Hypermarket Case Study
QOMPLX use case on security posturing and visibility.
QOMPLX Knowledge: Detecting PowerShell Encoded Command Execution
We take a look at how QOMPLX’s technology helps customers to spot the use of encoded commands in conjunction with the PowerShell utility.
QOMPLX Knowledge: Detecting PowerShell Executed in the Background
In this post, we’re taking a look at how QOMPLX’s technology helps customers to spot attackers efforts to hide their use of PowerShell by running it in the background of another application.
QOMPLX Knowledge: Detecting Successful Zone Transfer from an Unknown Source
In this post, we’re taking a look at how QOMPLX’s technology helps customers to spot one technique for foot-printing target environments: DNS zone transfers.
QOMPLX:CYBER Identity Assurance for Cloud Tech Spec
QOMPLX’s Identity Assurance software validates that each user who requests access is who they say they are using patented stateful validation of the SAML protocol and other deterministic detections.
QOMPLX:CYBER Identity Assurance for Cloud Data Sheet
Identity Assurance validates that each user who requests access is who they say they are using patented stateful validation of the SAML protocol and other deterministic detections.
QOMPLX Knowledge: Detecting Account Name Enumeration
We take a look at how QOMPLX’s technology helps customers to spot malicious account enumeration activity, which often is an early indication that an attack is taking place.
QOMPLX Knowledge: Detecting Password Spraying Attacks
In this post, we’re taking a look at how QOMPLX’s technology helps customers to spot password spraying attacks and other excessive login attempts that are often an early indication that an attack is taking place.
Q:CYBER Privilege Assurance Snapshot
QOMPLX’s Privilege Assurance Snapshot shows clients their trust relationships and their cyber hygiene, makes compliance activities simpler, and provides peace of mind about the security of Active Directory.
Insurance Insider’s Cyber Summit 2021
https://events.insuranceinsider.com/cybersummit/2021
QOMPLX:CYBER Reinsurance Case Study
QOMPLX use case on streamlining risk reporting process.
QOMPLX:CYBER Life Insurance Case Study
QOMPLX use case on securing technology stacks.
QOMPLX Closes Acquisition of Leading Cybersecurity Intelligence Firm Hyperion Gray
QOMPLX Closes Acquisition of Leading Cybersecurity Intelligence Firm Hyperion Gray. The acquisition strengthens QOMPLX’s risk analytics, external security posturing, and penetration testing
Q:SCAN Tech Specs
Download this Technical Specifications Guide to learn more about how Q:SCAN can help simplify your compliance processes and secure your sensitive data.
QOMPLX to acquire Sentar, Inc., one of the fastest growing cyber companies in the national security sector
QOMPLX to acquire Sentar, Inc., one of the fastest growing cyber companies in the national security sector
Microsoft Exchange Mass Hack: The Long Road Ahead
Patching the recently disclosed flaws in Microsoft Exchange is both difficult and the easy part. The hard part comes after, as organizations look to assess the damage, and their future with Redmond’s aging and vulnerable identity infrastructure.
QOMPLX Coverage in Axios Pro Rata By Dan Primack March 2, 2021
QOMPLX, has agreed to go public through Tailwind. The equity value of the deal is $1.4 billion; as part of the deal, QOMPLX will buy two other private companies: Sentar and Tyche.
QOMPLX:CYBER Legal Services Case Study
With QOMPLX’s unmatched, always-on, pre-acquisition and cybersecurity due diligence support, clients can aggressively grow with the ability to make risk-based decisions. Download the case study and learn how we helped a top law firm defend against data breaches.
Active Directory is Your #1 Cyber Risk. Start Treating It That Way.
If Active Directory is so critical, why do so many firms take a hands off approach to AD security? In our latest report, we explore that issue and offer some steps organizations can take to secure it.
Active Directory is Your Top Security Priority: It’s Time to Treat it That Way
QOMPLX will discuss approaches that organizations can take to harden their Active Directory security and critical controls infrastructure with this white paper.
Register Now: Save Your SOC by Securing Active Directory
On March 11, join QOMPLX Chief Security Officer Andy Jaquith for a discussion about how automating identification of common, Active Directory attacks can help streamline your SOC and prevent SolarWinds style compromises.
Q:SIM | UK Housing Market
QOMPLX, through its Q:SIM product, which provides tools and analysis to allow customers to run various simulations and models, aimed to study the possible effects of macro-prudential policies