Hunt for indicators of compromise

Stroz Friedberg is a specialized risk management firm built to help clients solve the complex challenges prevalent in today’s digital, connected, and regulated business world.

Before a cyber attack on a company’s assets becomes a full-blown crisis, an organization can proactively detect, contain and remediate malicious activity by searching for evidence of a breach and expelling bad actors from its environment. To do so, organizations need the right people, with the specialized skills to hunt for indicators of compromise.


With years of experience in the trenches, our responders know where to look for vulnerabilities and understand how those vulnerabilities can be exploited by attackers. Our experts are skilled at hunting, and can find subtle anomalies and early indicators of a compromise in an organization’s environment. Our teams also troll the Darknet to stay on top of emerging threat trends, maximizing their ability to spot the newest indicators that are most applicable to any organization across a variety of industries.

We bolster the knowledge of our team with proprietary tools that rapidly analyze large volumes of information to help spot indicators of compromise and malware, uncovering incidents in the making and mitigating the risk of further damage:

  • LIMA, our proprietary malware scanning tool, can pinpoint indicators of compromise and identify intruders across tens of thousands of machines. LIMA is lightweight, fast, and easily deployable, so it can be used onsite at a moment’s notice.
  • Hawk, our mobile forensic incident response platform, deploys sensors at strategic locations within a company’s infrastructure to trace irregular network traffic. It can conduct high-speed, onsite malware analysis and forensic hosting.
  • Raven™, our proprietary tool for automated forensic analysis, allows us to efficiently analyze large volumes of files, from thousands of computers in multiple countries, to help detect indicators of malware or a cybersecurity breach across an entire enterprise.

Our capabilities include:

  • Host-based Interrogation for Indicators of Compromise
  • Detection of Indicators of Malware
  • Irregular Network Traffic Analysis
  • Secure Overall Security Posture
  • Malware Reversal
  • Live Analysis and Memory Analysis
