BC Security was founded in December of 2017 by Anthony Rose and Jake Krasnov as a security consulting firm that specializes in Wireless Assessment and Red Team threat emulation for enterprise networks. Over the last few years the team has focused on enhancing the security of Internet of Thing (IoT) devices through Bluetooth vulnerability identification.
Anthony Rose holds an MS in Electrical Engineering and has authored multiple papers and presentations on Bluetooth lockpicking to include the highly publicized DEFCON talk “Picking Bluetooth Low Energy Locks from a Quarter Mile Away.”
Jake Krasnov holds an MBA in Finance and has previously been a member of an NSA certified Red Team. He currently specializes in secure architecture engineering for embedded systems. He was the lead researcher for BC Security’s recent talk “Hack to Basics – Adapting Exploit Frameworks to Evade Microsoft ATP” at the DEFCON Recon Village.
Since its founding, BC Security has conducted assessments for well-known Bluetooth lock manufacturers such as Noke and Janus International. In addition, BC Security has conducted enterprise network assessments for financial institutions. They also maintain a popular fork of the Empire Post-Exploitation Framework and instructed the “Introduction to AMSI Bypasses and Sandbox Evasion workshop” at DEFCON 27.
Today the average cost of a cybersecurity breach has risen to $4 Million. No more than a week goes by without the announcement of another major breach. Discussions arise about how companies must learn how to manage this growing threat and think about cybersecurity differently. While we agree that cybersecurity is a growing threat, we don't necessarily think that companies need to think differently because at its core cybersecurity is about risk management.
While the implementation of cybersecurity can be highly technical its management doesn't have to be . We seek to provide our customers with cost-effective risk management solutions and assist them in identifying what their “unknown unknowns” are. Armed with clear assessments, CISO can provide clear reasoning for implementing changes companies can make informed decisions on their acceptable risk .