The fifth annual Flare-on Challenge held by FireEye recently took place.129 out of 4925 players, of which 10 were Chinese players, reportedly finished the challenge this year. NSFOCUS’s KoAll team made a huge splash by topping the global medal tally with four medals.
The Flare-On Challenge is a global online reverse engineering challenge organized by FireEye to test skills of reverse engineering analysts in an all-around way and award those finishing challenges with medals. This contest focuses on x86, x64, Windows, Java, .NET, WebAssembly, and Linux architectures, as well as Bootloader, Bootkits, and virtualization technologies.
NSFOCUS’s KoAll team comprises security researchers from NSFOCUS Security Response Center (NS-SRC). NS-SRC is engaged in security intelligence acquisition, emergency response for security incidents and security solution delivery, as well as security research on virtualization, industrial control systems, smart devices, and wireless networks. Thus far, NS-SRC has discovered security vulnerabilities in a substantial amount of industrial IoT devices and helped vendors address them.
NSFOCUS’s KoAll team has taken part in the Flare-On Challenge since 2016 and published The Tao of Reverse Engineering — Fourth Flare-On Challenge in 2017, the first kind of skills manual concerning this contest in China. By 2018, NSFOCUS has won a total of eight medals in the contest, owing to joint efforts of members of the KoAll teams who equipped with reverse analysis, vulnerability mining, sample analysis, and embedded device software analysis capabilities, continually drawing lessons from experiences, identifying problems, and correcting them in a timely manner. Through this contest, members of this team improve their individual capabilities and also apply protection means and ideas to the development of related NSFOCUS products.
NSFOCUS focuses on keeping track of the latest research in network security vulnerabilities at home and abroad while conducting continuous security studies on vulnerability analysis,mining and reverse engineering. Thanks to these efforts, the company can constantly improve its techniques for intrusion detection and prevention, DDoS protection, and malware and attack behavior analysis detection, and honeypot and honeynet techniques. At the same time, the company has carried out the research and exploration into frontier security fields such as cloud security and virtualization security, and new security services, metrics, reputation, and intelligence revolving around the concept of “software as a service” (SaaS).