Skip to main content

Please allow me to reintroduce myself...

CellPhoneDude 
Or the founder, owner, and CEO of Xcape, Inc. I started this company in 2006 as an MSP helping to build and maintain infrastructures for a number of entertainment industry professionals, small and medium sized businesses, CEO's and their families, and other high net worth individuals. Making a name for myself and my one man band that was Xcape. 

For years I struggled with learning how to start and operate a business successfully. I started to build a team of other hackers, pen testers and other information security professionals.

The first of which I had the pleasure of being introduced to me as one of the brightest people in infosec and he's been my partner and our CTO/CISO for the last 13 years. That's when we first pivoted to infosec taking on DFIR, pentesting, and assessment work. We constantly push each other to grow and be better. So running a company with this man, building and innovating has been a dream come true. 

The second an app sec engineer who was told he didn't have the skills to be in infosec. Only to receive an offer from Google's Red Team after only being with our team for two years.

The third is an engineer that I'm incapable of accurately articulating the sheer plethora of topics where he is in fact a subject matter expert. From CI/CD to firmware this dude does it all.

With the continued growth of our small agile team we've been the small company big companies rely on for quality when the big reputable security firms find nothing. No indicators of compromise, no recovered malware samples. Just a huge invoice while you mitigate an ongoing breach.

If I had a dollar for every time a client went somewhere else only to come back and hire us after they spent more with another firm, the amount of times we were the 3rd or 4th company on an engagement to be the only ones to produce any results, I'd have a quite a few extra dollars to laugh my way to the bank with but I digress.

It's interesting the amount of times we've been referred to a client and they tell us they were referred to us by more than three people in this industry that know at Xcape there is no such thing as can't.

I don't know many companies that will reverse engineer a ransomware sample to build a decrypter capable of decrypting over 3TB of data for a customer that didn't have any backups.

I've never seen a 400+ page pen test report before that skipped the lows and informational findings just due to the sheer volume of findings. 

I've never seen an encrypted LTE drop box solution before we made one err 3.
PiRAT | Pentest Server | NetNinja

I don't know any firm that rolled their own network just to control hardware, software, and connectivity end to end.

Well except for us because solving IT problems is our business.
Labels:
Location: Los Angeles, CA, USA

Comments

Post a Comment

Popular posts from this blog

Why traditional Pen Testing is dead.

Annual, bi-annual, and quarterly penetration testing schedules will be a thing of the past.  The advent of sophisticated cyber threats has necessitated a paradigm shift in vulnerability management. In this transformative digital era, the static, once-a-year model of traditional penetration testing is becoming increasingly obsolete. Instead, it's time for businesses to embrace a dynamic model of continual vulnerability detection and mitigation - Penetration Testing as a Service (PTaaS) by Xcape, Inc. This innovative service combines the precision of automated remote pen testing with the strategic oversight of seasoned penetration testers, creating a comprehensive solution for the latest cybersecurity concerns. The Case for Internal and External Network Testing In a conventional cybersecurity setup, the focus is often on safeguarding the external network, the so-called perimeter. However, this perimeter-centric approach, while essential, is not sufficient in today's threat land...
1 comment
Read more

How secure is your SMB's domain name?

Studies show that small businesses are being targeted now more than ever in cyber attacks. ( Forbes: Small Businesses Are More Frequent Targets Of Cyberattacks Than Larger Companies ) When cybersecurity professionals discuss two-factor authentication, domain registrars or DNS hijacking is often not the topic. (Think 2FA for GoDaddy , NameCheap , and SquareSpace , to name a few. Take a moment and use these links to setup 2fa for your domain, or google "How to turn on 2fa for name of provider .") Surprisingly, even in 2023, some providers still don't support this essential security control.  However, your domain name controls an organization's corporate website and email exchange records. And suppose an attacker were to get control of it. In that case, they could recreate your email addresses, and password reset their way to control all the accounts owned by an organization.  A few of the recent incidents we've responded to involve attacks where the attacker obtains...
Post a Comment
Read more

Ensuring Cyber Insurance Coverage: The Crucial Role of Security Controls

In today's digital landscape, many business owners believe that obtaining a cyber insurance policy automatically guarantees protection. However, this assumption is far from reality. Even with general liability policies that cover cyber claims, organizations must meet specific minimum requirements to ensure their claims are approved. In fact, some insurance carriers may collaborate with cybersecurity partners to evaluate the implementation of security controls before determining coverage applicability. Xcape, Inc.  can offer the guidance and expertise to ensure these security controls are implemented to strengthen your overall security posture. In addition, our Managed IT Provider Services implementation of the following security controls gives organizations quicker recovery in the event of a security incident so that our customers can get back to work in minutes and hours vs. days and weeks.  Although often overlooked by insurance providers, your policy documents clearly outli...
Post a Comment
Read more