GRIMM

threat actors cybersecurity

Professional evil: a glimpse into the tactics and motivations of malicious threat actors

There are plenty of articles detailing the uses of patience, creativity, and above all, learning from your failures. Those are all requirements for excelling in any technical field. Instead of rehashing that baseline, let’s take a look at how a threat actor might stage attacks to create the most extensive damage, regardless of the target.   …

Professional evil: a glimpse into the tactics and motivations of malicious threat actors Read More »

Why You Should Care About Infrastructure Security Month

November is Critical Infrastructure Security & Resilience Month, a nationwide effort to raise awareness and reaffirm the commitment to keep our nation’s critical infrastructure secure and resilient. This year’s theme is Infrastructure Security is National Security: Together We Can Drive Down Risk, Build Resilience, which covers the spectrum of infrastructure security.  So, why should you …

Why You Should Care About Infrastructure Security Month Read More »

Patrick Miller joins GRIMM as Director of Software Security

Patrick Miller was brought into GRIMM because he has the experience to help organizations understand what they need to do to stay safe, and help them do it. As Satya Nadella, Chief Executive Officer (CEO) at Microsoft said, “every company is now a software company.” It’s not a matter of companies necessarily producing software, but …

Patrick Miller joins GRIMM as Director of Software Security Read More »

Launching the GRIMM Red Team

Since GRIMM’s inception, our dedicated teams have helped build confidence in clients’ underlying security posture — largely through demonstrating the business impact of vulnerable systems during client engagements. GRIMM teams have covered functional areas in Application Security, Cyber-Physical (aka CyPhy), Tailored Software, Training, and CISO-level consulting. Many of GRIMM’s client engagements include an element of …

Launching the GRIMM Red Team Read More »

GRIMM Summer Internships

GRIMM 2020 Summer Internships

Program History The GRIMM Intern program began three years ago. Interns work on billable client and research projects. Additionally, past Interns worked on the development of GRIMM’s “Howdy Neighbor”, a portable Capture the Flag competition built entirely around hacking Home Automation devices. Howdy Neighbor is one of GRIMM’s go-to, hands-on demonstrations at conferences across the …

GRIMM 2020 Summer Internships Read More »

a terminal app

IOT is even more of a risk than you thought

GRIMM purchased a GeoVision camera that arrived off-the-shelf with security vulnerabilities like most consumer IOT devices. The camera is a stand-in for any IOT device in a residential, industrial, or enterprise environment. The team demonstrated through a practical hands-on-exercise at HackNYC, RSA, Hack the Capitol, and multiple BSides where participants learn how to use a publically available exploit to compromise an emulated …

IOT is even more of a risk than you thought Read More »

Delta Debugging

Delta Debugging Have you ever been fuzzing a program and received a crash, only to find the input file was huge?  Trying to manually determine which portions of an input file trigger the bug can be an extremely frustrating and time consuming process. Huge input files can make the triage of bugs much harder. This …

Delta Debugging Read More »

HAX Team Photo

HAX goes International

The eyes of the world were recently focused on PyeongChang, South Korea for the 2018 Winter Olympics. While we watched athletes curl, skate, ski and slide across the frozen South Korean landscape, we at GRIMM had our own South Korean experience! Through GRIMM’s HAX program, which provides real-world, hands-on-keyboard cybersecurity experience to undergraduate college students, …

HAX goes International Read More »

Jennifer Tisdale

Jennifer Tisdale joins GRIMM as a Cyber Advocate for Connected Mobility and Infrastructure

Connected Mobility and Infrastructure are taking Detroit by storm; timing is critical for adopting strong security practices at this nascent point in the technology and the industry. With her background in cybersecurity and autonomous vehicles, Jennifer Tisdale is the ideal leader to drive GRIMM’s engagement with automotive industry Original Equipment Manufacturers (OEMs), suppliers, and industry stakeholders to …

Jennifer Tisdale joins GRIMM as a Cyber Advocate for Connected Mobility and Infrastructure Read More »