We've been working on Copperhead for a few months now and with the launch of our website we decided to make it official. Below we've provided some information about what we've been working on and our next plans.
The three of us come from varied backgrounds including software development, systems, and forensics. We all shared a common interest in security research and hardening systems.
We noticed that most small infosec companies tend to either focus solely on red-teaming and penetration testing, or are corporate forensics firms. While appreciating the value of both, we saw a gap in the market for our firm to specialize in defensive security, by understanding offensive methods, and being capable of detecting and mitigating attacks.
The infosec world is largely attacker-driven and quality defensive software/tactics are severely lacking. This is something we hope to help change. As a result we have two complementary objectives: provide consulting services to organizations, and building a secure Android OS to protect sensitive mobile communications.
We plan to work with organizations such as law firms, tech companies, and other businesses who need to protect sensitive information. Offering services such as:
- Hardening devices, networks, and systems against attacks
- Secure smartphone deployments
- Source-code security audits
- Certified forensics services, including expert witness testimony
- Incident response
- Malware forensics and mitigation
- Training in security practices such as encryption toolsets, operations security, and counter-intelligence
You can find more information about our information security consulting.
In addition to consulting we are building a secure version of Android called Copperhead OS.
Our team members have made an art out of hardening their own desktop machines from attacks. But smartphones have always presented a hurdle. Even among experienced programmers and security researchers we spoke to, few had experience securing their mobile devices.
Seeing a need for a secure-by-default version of Android, we decided to fork Cyanogenmod, harden the underlying system in every way possible, and release our own ROM entirely open-source. Similar to how there are different distros of Linux, we see the need for more open-source options in Android.
We also plan to sell smartphones that are pre-installed with Copperhead OS and provide support services for organizations looking to deploy secure phones within their company.
We launched a landing page for our secure android OS and will release a blog post with more information soon.
If you're interested in working with Copperhead, please feel free to get in touch at our contact section.