Products

• Identity Threat Detection and Response (ITDR)
• Managed Detection and Response
• Attack Surface Monitoring

Services

• Offensive Security Services
• Active Directory Security Assessment
• vCISO

Resources

• Blogs
  • MDR-Why does my organization need it?
  • Password spray attacks
  • Lessons from the Medibank breach
  • The difference between reporting, compliance, and securing
  • Protecting service account logon restrictions
  • Identiverse 2023: Top three reasons to visit QOMPLX booth #1314
  • Overcoming security drift
  • Primary Group ID attacks
  • Privileged insider persistence attacks on Active Directory
  • How attackers enter and escalate privileges to attack Active Directory
  • IcedID Malware Gaining Prominence by Adding Identity Attack Chains
  • Privilege attacks on Active Directory
  • Empowering enterprises to stay ahead of evolving threats
  • Cyber insurance report proves Gartner ITDR is spot on
  • Solving cybersecurity when an SOC isn’t in the budget
  • Turning the data you have into the data you want
  • Attack surface risk signals: IP reputation
  • Attack surface risk signals: DMARC and SPF records
  • Attack surface risk signals: TLS/SSL configuration
  • Attack surface risk signals: DNS records
  • Identify and Fight the Phish #CyberMonth
  • How much automation?
  • Make your enterprise a boring target to attackers. Sign up for a free trial of Q:SCAN
  • QOMPLX Knowledge: OverPass The Hash Attacks
  • Conti University: Four Lessons in Defense from a Ransomware Gang’s Playbook
  • Punkspider & SpiderFoot Join Forces
  • Punkspider is Pioneering Responsible Disclosure at Internet Scale
  • Creating value through insurance data infrastructure
  • From Data to Intelligence: Systems Alchemy for the Insurance Sector
  • QOMPLX Knowledge: Skeleton Key Attack Detection
  • QOMPLX Releases the Arkscrape Community Edition: open source internet archiving for investigators and researchers
  • Part 1: How to Not Get Lost in Translation
  • Crawler to the People! Punkspider Returns With Eyes On OWASP Top 10
  • Congress Needs To Get Over Corporate Ransom Payments
  • Some Tips For Talking To Your Board About Ransomware
  • QOMPLX Knowledge: Detecting Pass-the-Hash Attacks
  • Moving Data Operations Beyond Data Lakes & Lakehouses
  • QOMPLX Knowledge: Honey Account Logins and Ticket Requests
  • What We Know About The Kaseya Ransomware Attack
  • QOMPLX Intelligence: Countering Opponent Strategy in StarCraft
  • QOMPLX Knowledge: Detecting Service Installed on Sensitive Systems
  • QOMPLX Knowledge: Detecting ASREP Roasting Attacks
  • As Ransoms Mount: How To Keep Your Organization Safe
  • QOMPLX Detections: Reference
  • QOMPLX Knowledge
  • Clean-up On Aisle 2452: Weighing CISA’s SolarWinds Eviction Guidelines
  • Building Momentum with a Data Standards Library
  • Zero Trust But Verify: Unpacking The Cyber Executive Order
  • Biden Executive Order on Cyber Is a Step in the Right Direction
  • AI Rules of the Road
  • A Lesson From The Pipeline Hack: Secure Active Directory Now
  • QOMPLX Knowledge: Detecting Suspicious Use of Regsvr32
  • QOMPLX Knowledge: Detecting Use of Built-In Windows Utilities
  • QOMPLX Knowledge: Understanding Golden SAML Forgery Attacks
  • QOMPLX Knowledge: Detecting PowerShell Encoded Command Execution
  • QOMPLX Knowledge: Detecting PowerShell Executed in the Background
  • QOMPLX Knowledge: Detecting Successful Zone Transfer from an Unknown Source
  • QOMPLX Knowledge: Detecting Account Name Enumeration
  • QOMPLX Knowledge: Detecting Password Spraying Attacks
  • QOMPLX Analysis: Refracting Cyber Risks For Accellion Customers
  • CISA Offers Tool, Plans To Evict SolarWinds Hackers. You’d Better Sit Down
  • How the Pentagon Can Innovate By Failing And Scaling
  • A Synthesis of the NSCAI and Cybersecurity Solarium
  • Microsoft Exchange Mass Hack: The Long Road Ahead
  • Information Sharing and Cybersecurity
  • Fact, Fiction, and the Future of Technology in U.S. Grand Strategy
  • Mr. (Brad) Smith Goes to Washington
  • SolarWinds Exposes the Same Core Deficiencies Present in OPM Breach
  • Active Directory is Your #1 Cyber Risk. Start Treating It That Way.
  • Law Firms Feeling Pinch of Accellion Breach
  • Log Ingest and Detection Using Q:CYBER
  • Netfilim and Ransomware’s Long Fuse
  • SolarWinds: Reminder of a Fundamental Problem
  • Detection and Response, Not Prevention After SolarWinds
  • QOMPLX Knowledge - 9 Reasons To Consolidate Active Directory
  • Health Cyber Center Warns of Kerberos Risk After Microsoft Patch
  • The Climate Crisis: A Systemic Risk Triggering Action in the Insurance Industry
  • QOMPLX Knowledge: Detecting Lateral Movement Using Windows Event Logs
  • QOMPLX 2021: Our Cyber Predictions for the New Year
  • Microsoft to CIOs: Drop Dead
  • Latest CISA Warning Hints At Worst Case Scenario In Russia Hack
  • DHS Calls Out Kerberoasting In Directive Following Russian Hack
  • CISA Warns: Distance Learning Boosts K-12 Cyber Risk
  • Javascript to Scala: Migration of a Self-Taught Engineer
  • Q:CYBER Translating Sigma Rules
  • Q:CYBER Using Windowed Rules for Advanced Detection
  • Q:CYBER Using Rule Templates
  • Q:CYBER: Introduction to Rules Builder
  • Q:CYBER Streaming Rules Engine
  • Q:CYBER Ingesting Windows Event Logs
  • QOMPLX Intelligence: Pathfinding In the Fog of War with StarCraft
  • Raconteur: Programming Data Flows for Better Customer Experience
  • QOMPLX Intelligence: Opponent Strategy Identification Using StarCraft
  • QOMPLX Intelligence: Learning from StarCraft
  • FBI Warns Hospitals on Ryuk Ransomware Credential Theft and Malicious DNS
  • QOMPLX Operations: Prioritizing Logs in Security Operations
  • QOMPLX KNOWLEDGE: What Are AS-REP Roasting Attacks?
  • Ransomware's Effects Linger Long After Attack, Study Finds
  • Simulation Modeling
  • Algorithm Development
  • Workflow Automation
  • Data Exploration and Visualization
  • Q:OS Data Ingest & Storage
  • October: Cybersecurity Awareness Month and Its Discontents
  • CISA Report: Unpatched VPN, Credential Theft Fueled Agency Hack
  • Zerologon is a Big Deal. Here’s Why.
  • QOMPLX Knowledge: 5 Ways Attackers Bypass Microsoft Azure ATP
  • The Future of Cyber Insurance Policies
  • Modeling Matchups - Diving into the Massive Spreads in Laura’s Loss Estimates
  • Privilege Escalation Features Pop Up In More Malware Variants
  • Konica Minolta Latest Victim of Human Operated Ransomware
  • QOMPLX Knowledge: Understanding Pass The Hash Attacks
  • QOMPLX Knowledge: NTLM Relay Attacks Explained
  • Not Learning from NotPetya: The Truth Behind Recent Ransomware Attacks
  • The Security Ledger Podcast: Andy Jaquith on COVID, Cyber Resilience
  • Subsidiaries Bring Growth And Risk that Must be Managed
  • Upcoming Webinar: Dun & Bradstreet's Approach to Pre-Assessment CMMC Certification
  • QOMPLX Operations: Managing Privilege for Tier 0 Accounts
  • QOMPLX Ideas: When is it OK to plug away at a Tech Program?
  • SIGRed Windows DNS Vulnerability Hands Domain Privileges to Attackers
  • Hardening Active Directory Blunts Ransomware Extortion Attacks
  • QOMPLX Ideas: When Should You Start a Tech Program?
  • Automating Re/Insurance Underwriting
  • QOMPLX Knowledge: 10 Active Directory Health Checks You Should Know
  • QOMPLX Intelligence: Four Steps to Better OSINT Collection
  • Part 1: How to not get lost in translation
  • Active Directory Attacks Ramp Up in Recent Incidents
  • New H-ISAC Framework tackles Authentication Risk in Healthcare
  • Webinar Today: Dun & Bradstreet joins QOMPLX to talk CMMC Certification
  • QOMPLX Knowledge: Kerberos Delegation Attacks Explained
  • Suddenly, Hurricanes-Contributing Factors
  • QOMPLX Operations: The 4Ps of SOCs Part 2: Process
  • QOMPLX Knowledge: Responding to a Silver Ticket Attack
  • Enterprise Security's Soft Underbelly: Authentication
  • Recent Attacks Reveal Human-Directed Ransomware Playbook
  • QOMPLX Operations: The Four Ps of SOCs Part 1 - People
  • QOMPLX Knowledge: Kerberoasting Attacks Explained
  • QOMPLX Knowledge: Pass-the-Ticket Attacks Explained
  • The Five Cyber Threats Every CISO Needs to Follow
  • QOMPLX Analysis: SFO Airport Attack Spotlights Credential Theft Scourge
  • QOMPLX Knowledge: DCShadow Attacks Explained
  • QOMPLX CEO: Data Supply Chain key to mastering AI
  • QOMPLX Knowledge: DCSync Attacks Explained
  • QOMPLX Knowledge: Responding to a Golden Ticket Attack
  • Excess Privileges Test Organizations' Cyber Resilience
  • Zoom and Gloom: Your Security Risk is (much) Bigger than One App
  • QOMPLX Knowledge: Silver Ticket Attacks Explained
  • Microsoft Active Directory Golden Ticket Attacks Explained: QOMPLX Knowledge
  • Worried about Human Operated Ransomware? Stop using NTLM, start validating Kerberos
  • QOMPLX Ideas: Ahead of Digital Transformation: Address Security Fundamentals
  • QOMPLX Ideas: The Provenance of Data-Driven Decision-making
  • Report: How Active Directory Attacks Went Mainstream
  • QOMPLX Recognized as a Top AI Startup for 2020
  • US Case Against China Underscores Similarities Between Equifax and Earlier Hacks
  • Data-Centric Cybersecurity Starts with Authentication
  • An Open Letter To CEOs: Don't Neglect Authentication -- It Will Cost You
  • Use Technology to Ennoble Work, Not Eliminate It
  • Understanding Cyber Offense, Defense and Intelligence - Part 1
  • Looking Back; Looking Ahead
  • Embracing Diversity in Technology
  • For Good Measure: The Imperative of Reclaiming Metrics Terminology
  • Working Together to Defeat the Enemy
  • Roundtable Highlights: Modern Approaches to Risk Management in a Digital World
  • The Smartest Companies are Embracing the Cyber Telematics Revolution
  • Prospective Simulation Modeling – The Cyber Risk Solution
  • Active Directory Security: Trust But Verify
  • AI-based Identity Analytics
  • Complex ≠ Complicated
  • A Golden Ticket Attack on Active Directory Federated Services
  • Kerberos Fundamentals
  • Honesty About Effective Cyber Risk Modeling for Insurance Companies
  • The Importance of Lateral Movement Detection
  • Golden Ticket Attack Execution Against AD-Integrated SSO Providers
• Content hub
  • Case studies
    • MDR dental healthcare case study
    • Financial services case study
    • Services firm remediates ransomware case study
    • Physical security case study
    • MDR hyperscale edge data center company case study
    • MDR dry cleaning products provider case study
    • Intellectual property law firm case study
    • Beverage manufacturing case study
    • Asset management case study
    • Hedge fund case study
    • Legal services case study
    • Life insurance case study
    • Hypermarket retailer case study
  • Datasheets
    • QOMPLX Q:SCAN data sheet
    • Privilege Assurance Azure AD data sheet
    • QOMPLX Privilege Assurance AD data sheet
    • QOMPLX Professional Services data sheet
    • QOMPLX Punkspider data sheet
    • Privilege Assurance Microsoft AD data sheet
    • QOMPLX Identity Assurance data sheet
    • QOMPLX Managed Detection and Response data sheet
    • QOMPLX Managed Assurance (MA) data sheet
    • QOMPLX Offensive Security Services data sheet
    • QOMPLX Intelligent Due Diligence data sheet
    • Q:SCAN for Supply Chains data sheet
    • QOMPLX TimeSeriesDB data sheet
    • QOMPLX Extractor data sheet
    • QOMPLX Connector data sheet
  • Overviews
    • MDR Services Capabilities
    • Identity Assurance for Active Directory Tech Spec
    • QOMPLX:OS Platform Overview
    • Q:Cyber Identity Assurance- Splunk Integration Solution Overview
  • Tech specs
    • Offensive Security Service Tech Spec
    • Intelligent Due Diligence Tech Spec
    • QOMPLX:CYBER Identity Assurance for Cloud Tech Spec
    • Q:SCAN Tech Specs
    • Privilege Assurance Tech Spec
    • Q:CYBER Tech Spec
  • Videos
    • How to Spot and Stop Attacks Like SolarWinds [Video Interview]
  • Webinars
    • Register Now: Save Your SOC by Securing Active Directory
    • Webinar: Are You Ready For CMMC?
    • Webinar: Healthcare Cyber Risk in the Post-COVID World
  • Whitepapers
    • The path to Trusted Authentication via visibility, detection and analytics
    • Active Directory is Your Top Security Priority: It’s Time to Treat it That Way
    • Aite Impact Brief: Fixing Vulnerabilities in Active Directory and Kerberos
    • ManyKatz: How Active Directory Hacks Went Mainstream
  • Others
    • Identity-first security e-book

Company

• About QOMPLX
• Events
  • RANT Roundtable - Edinburgh
  • Techno Security and Digital Forensics
  • Identiverse
  • FS-ISAC FINTECH London
  • TopGolf Scottsdale
  • Millenium Alliance - Transformational CISO
  • Best Practices for Securing Azure AD/Active Directory in 2023
  • Nerai Lunch NYC
  • Canadian Cyber Security Event
  • Millennium Alliance - New Orleans
  • RANT Roundtable - London
  • Gartner Identity & Access Management Summit - London
  • RANT Roundtable - London
  • FS-ISAC Americas Spring Summit
  • QOMPLX Lunch Networking Event
  • Gartner Identity & Access Management Summit - Texas
  • QOMPLX Knowledge Series Seminar - Atlanta
  • V2 Security
  • TopGolf San Jose
  • Five Iron FiDi NYC
  • RSA - San Francisco
  • TechMentor
  • CyberTech Forum
  • ISSA North Colorado
  • JISC Security Conference
  • Innovate Cybersecurity Hackers
  • Hackers Teaching Hackers
  • Info Security Summit
  • Cyber Security Summit - MN
  • Morenet
  • FS-ISAC FINTECH Today
  • GITEX 2022
  • Identity Week
  • BankSec 2022
  • Innovate Cybersecurity Summit
  • Identity Week Europe
  • Troopers Conference
  • Authenticate 2022
• Contact Us
• Vulnerability Disclosure Policy
Support