Company Overview

ZecOps is a cyber security start-up based in San Francisco, Tel Aviv, and Singapore that specializes in finding and leveraging attackers mistakes to automate digital forensic investigations using agentless solutions.

ZecOps technology serves as the last line of defense detecting advanced threat operators that successfully evaded organization’s security controls. ZecOps PARTICLES™ Platform helps to identify and analyze attackers’ mistakes and consists of three standalone solutions:

  • Gluon : Automated Digital Forensics and Incident Response (DFIR) for iOS
  • Neutrino : Automated Crash Forensics for Windows, Linux and OS X
  • Electron : Automatically Turn Quarantined Threats into Internal Threat Intelligence

The technology is suitable for endpoints, servers, mobile devices, IOT devices, ATMs, ICS/SCADA systems, connected cars, military systems, and other technologies running on modern operating systems.

For more information, visit www.zecops.com.


ZecOps High Level Use Cases


NEUTRINO = Continuous Crash Forensics for Windows, Linux, OS X Informs

  • Security Operations
  • Incident Response
  • Forensic Investigations
  • Alert Security Operations Centre (SOC) analysts about APTs and security incidents
  • Discover and extract exploits and payloads that evaded internal security controls
  • Reduce Incident Response (IR) time & expenditures
  • Find root causes for Operating Systems / Application reboots & errors
GLUON = Digital Forensics and Incident Response (DF IR) for iOS
  • Incident Response
  • Forensic Investigations
  • Risk Management
  • Near real-time iOS incident analysis and digital forensics
  • Pre and post travel inspections for Executives/VIPs/Users with sensitive data
  • Automated compromise and risk assessment of iOS devices
  • Disinfect your organization at scale
ELECTRON = Analysis and triage of blocked events
  • Threat Intelligence
  • Security Operations
  • IT Operations
  • Generate internal Threat Intelligence
  • Analyze and triage blocked events and threat actors
  • Identify targeted attacks against specific user groups / business functions
  • Identify infected hosts used for command and control purposes