Syndis is an Icelandic information security think-tank based in Reykjavik, Iceland, specializing in providing bespoke attack solutions. Syndis services clients with the most demanding security needs. Research is central to the Syndis vision and is considered core to the innovative approaches supplied to the clients.
To drive security innovation for tomorrow's premier organizations.
By leading research in offensive security, developing bold technologies and applying these to counter real world threats.
Services with local knowledge
Emulation of persistent threats
Innovative research and custom solutions
Close approximation to real-world attacks
Goal Oriented Security
In an attempt to counter the shortcomings in the practices of "pen-testing-as-usual", we pursue our own unique methodology we call Goal Oriented Attacks. We engage our customers in a manner that far more closely mirrors the process used by an actual malicious attacker.
Perhaps you don't need a full-on security assessment, penetration test, or in-depth technical security work. Sometimes you just need to talk to an expert in order to understand the state-of-the-art, validate the claims of a vendor, get a "sanity check" on something you are planning to do, or to you just want to bounce an idea off of someone who really knows what they're talking about.
Syndis as a company with a vision that centers around research, development, and innovation aims to provide services in a way that integrates well with information security research. We are take on specialized research projects that extract maximum value from our technical abilities.
Our Attack Methodology
At a high-level, Syndis provides a commercial consulting service for which real-world attack operations are simulated. The cyclical approach focuses on identifying an organization's Resources (both human and technical) that are open to attack, compromising them to turn them into an Asset over which Syndis has a level of control, and using the Capabilities provided by Assets to realize the engagement Goals defined together with the client.
Syndis principals have at least ten years of experience each and have been engaged to perform penetration testing for a range of organizations, both domestic and international, including government consulting, digital entertainment and manufacturing industries.
Chief Executive Officer of Syndis
Michael brings over 20 years of security and management experience to Syndis. He has led both small teams that focused on discrete technical problems, as well as large and globally dispersed units that were charged with monitoring and reacting to cyber threats worldwide. Trained in multiple disciplines, Michael brings a diverse set of knowledge, skills and abilities to bear on Iceland's cyber security problems. [more]
Michael is a co-founder of Kyrus, a computer security consultancy in the U.S., as well as Carbon Black, a security product company. A former specialist in military intelligence, Michael has also worked for commercial institutions in the industrial and financial sectors.
Michael earned a bachelor's degree in computer science and master's degree in computer forensics. He has held the CISSP credential since 1999. A 2007 Lincoln Fellow of the Claremont Institute, his opinions on security issues are often sought out by the media and industry groups.
Chief Technology Officer of Syndis
Rich has worked professionally in the space of offensive security for over 10 years where his research has been focused on the areas offensive tooling, framework design, post-exploitation strategies alongside continual vulnerability research and exploit development. In addition to his research, Rich performs consulting and attack services across a range of verticals including National Security, Financial, Technology, and the Entertainment industry. [more]
Prior to co-founding Syndis, Rich led the Attack Technology Division at Kyrus Tech (DC), held a Vice President role at Morgan Stanley (NY) as the lead cyber-threat specialist, was a senior researcher at Immunity Inc (FL) and led the Research In Offensive Technologies and Threats group at Hewlett-Packard's European Labs (UK).
Rich is an internationally recognized expert and has spoken at numerous conferences and has participated in industry, government and community sponsored information security groups and initiatives.
Hörður Ellert Ólafsson
Hörður works out of the Denmark office. Hörður has a 10 years of entrepreneurial and consultancy experience in Europe and Africa. Hörður has consulted for a variety of organizations, both domestic and international, ranging from government, to small NGO's, to startups and large companies within the creative, technology, and sustainability industries. [more]
Currently Hörður studying Entrepreneurial Leadership at the KaosPilots, Denmark. Hörður's education has focused on Creative Project Leadership, Creative Business Design, Creative Process Design and Creative Leadership.
Ýmir Vigfússon, PhD
Chief Science Officer
Ýmir is Assistant Professor in the School of Computer Science at Reykjavik University and leads the research strategy of Syndis. He obtained earned a PhD in Computer Science from Cornell University in 2009 where his dissertation was nominated for the ACM Doctoral Dissertation award, and worked as a post-doctoral scientist at IBM Research on innovations in distributed systems. [more]
With more than 15 years of experience in computer security, Ýmir is a pioneer in offensive exploitation of computer software. He invented various techniques to leverage security vulnerabilities in software, and wrote several of the first "Format string" and "Heap overflow" exploits. Ýmir has published over 30 academic papers, holds 3 patents and loves cats. His professional web site is ymsir.com.
Theódór R. Gíslason
Theódór has over 13 years of working professionally in the space of offensive information security with his interests focusing on penetration testing, exploit development, offensive tooling and vulnerability research. Theódór has performed security assessments, penetration testing, malware analysis, and security consulting for many of Iceland's largest organizations, including financial, government, and other technology oriented companies. [more]
He is a popular instructor and speaker in Iceland, having for instance taught two computer security courses at the University of Iceland as well as a technical security course at Reykjavik University in 2012. Theódór has also presented at various conferences on state-of-the-art topics relating to information security.
Prior to co-founding Syndis, Theódór worked for Capacent, TERIS, and KPMG, where he performed technical offensive security consulting and assessments.
Björn has a B.Sc. in Electronics Engineering with emphasis on embedded systems, low level programming and RF technology. He has many years of experience in systems engineering on air defense and military communication systems and in security, both in private and government sector. He served as an INFOSEC and COMSEC officer and represented Iceland in various security working groups and accreditation boards during his time as a government employee. [more]
His experience in information security ranges from defensive security on military networks to penetration testing of some of the largest organizations in Iceland, including financial, telecommunications and government.
Charlie has spent his last few years doing application security in the gaming industry, and spent countless hours doing security research against both open and closed source applications. He has worked with major vendors on vulnerabilities he has discovered during his research. He has already presented at multiple conferences, including Nordic Security Conference. He has also done work on anomaly detection in video games and related systems, which he has presented about. [more]
He has also done work on incident response situations relating to malware attacks, system breaches, and denial of service attacks for various organizations.
+354 415 1337 | firstname.lastname@example.org
Menntavegi 1, 101 Reykjavik, Ísland