Kroll enhances Cyber Risk offering with new Malware Analysis and Reverse Engineering capabilities

By Joy Dumasia

Kroll, the world’s premier provider of services and digital products related to governance, risk and transparency announces that it is enhancing its Cyber Risk practice with the addition of a new Malware Analysis and Reverse Engineering service line. 

By using analysis of complex files and malicious code functionalities and the latest threat intelligence and innovative approaches, the new team will predominantly be tasked with assessing where businesses may have data at risk and translating these into risk mitigation plans for executive, legal and technical stakeholders. 

The key capabilities of this service line will include: 

• Malware triage and analysis: applying industry-best techniques, ranging from automated sandbox detonation and observation to low-level reverse engineering, disassembly and decompilation. 
• Source code security review: dynamically testing code functionality using industry-best methodologies. 
• Proactive tooling development: develop or repurposing malicious toolkits and utilities for heightened proactive testing. 
• Reverse engineering and expert code review: perform in-depth code analysis to produce declarations and supporting technical documentation for legal and technical audiences. 

This latest service line will complement Kroll‘s existing Cyber Risk related services suite, including Cyber Litigation Support; 24×7 Incident Response; Notification, Call Centres and Monitoring and Kroll Cyber Risk. 

Scott Hanson, Associate Managing Director in Kroll’s Cyber Risk practice, commented: “The creation of this service line will allow businesses to assess where they are vulnerable to attack, and perhaps most importantly, ensure that they have a plan in place to be able to safeguard those areas. All too often, organisations are told where they might be vulnerable, but steps aren’t taken to ensure that these risks are mitigated, and businesses are left without a plan. Our goal is to change this. The Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience across all industries, and so is well placed to help our global network of clients stay one step ahead when it comes to mitigating cyber risk.”