Stay safe with Subreption
For over a decade we have been providing best-in-class information assurance services and research, pioneering defensive and offensive security concepts and solving some of the most challenging security challenges for our customers in defense, finance, IT and legal services industries.
Focus on research
Unlike consulting clearing houses depending on external innovation, Subreption has its origins in a strong, best-in-class research and development team with a long track record of industry successes.
average years of experience per team member and contractor
Linux devices and systems using technology we pioneered and contributed to
Stay informed about our latest announcements and developments.
BIRDWATCH program: Ghost in the Orlan: demystifying a military drone platform
August 2022. Subreption publishes the first technical report of a software vulnerability affecting the Orlan-10 military drone system, its software internals and weaknesses in the handling of the FPGA software for C2 and data communications and other components. The report constitutes the first vulnerability publicly documented for a military drone platform. A program for research of military drone platforms is also announced, in cooperation with NGOs and institutions interested in factual research of such systems.
2022 DJI Alleged Drone ID Vulnerabilities
May 2022. Subreption publishes its stance on the recent 'hype' surrounding vaguely technical issues related to DJI's so-called Drone-ID broadcasts, and the misrepresentation of these alleged security vulnerabilities as a publicity stunt, while also ignoring prior work by well-respected industry peers. A complete rebuttal of these claims and their motivations is provided.
Subreption awarded DARPA Cyber Fast Track funding for high assurance mobile computing R&D
January 2012. Subreption LLC has been awarded with a DARPA Cyber Fast Track contract (under solicitation DARPA-RA-11-52) to research and develop the next generation of proactive defenses designed to deter exploitation of security vulnerabilities related to dynamic memory allocators, in operating system cores and applications.
Trusted by customers in defense, finance, IT and legal services industries
Founded originally with the intention of protecting intellectual property derived from research, Subreption has never made marketing or profit the main forces behind its efforts. Instead, our resources have been primarily dedicated to consistently producing innovative research in the fields of information assurance and secure communications. Social media or press and media attention are the least of our concerns. This attitude over the years allowed us to focus on pragmatic, immediately useful solutions for our customers with no nonsense. We firmly believe that our job is to provide our customers with honest, respectful but straightforward insight into their shortcomings and weaknesses.
We have successfully competed for, won and engaged in multiple months-long contracts for defense, banking and IT customers since the beginning of the firm. Our accumulative experience in information assurance spans decades worth of successful research and development, consulting engagements and open source contributions.
Our staff and the firm have always strived to avoid any and all potential conflicts of interest across all our projects and engagements. While other firms might engage in potentially questionable and conflicting directions (defense versus offense), we have a solid track record of rejecting customers for consulting engagements that develop products against which we have developed offensive capabilities. If your firm engages with Subreption, we will enter an agreement to effectively enforce a full disclosure stance for any security issues discovered in the future outside of the engagement.
We take pride in our work, but at the same time avoid over-hyping and making claims we cannot sustain with hard facts. Our constant effort to keep up with the status quo in the industry reflects on our attitude of "no empty promises". We understand security is a process, and as such, it is virtually impossible to provide absolute assurances. However, it's our work ethic to work with customers towards the maximum achievable level of assurance within their budget and circumstances.