# Crimson7

Website: https://www.crimson7.io

## Home

- [Crimson7 | Offensive Security & Continuous Threat Validation](https://www.crimson7.io/): Elite offensive security services that expose and close the gaps before real attackers find them.

## Services

- [Services](https://www.crimson7.io/services): Adversary-led security services: Red Team, Purple Team, Purple Rain, and Detection Engineering.
- [Offensive Engineering](https://www.crimson7.io/services/offensive-engineering): Red team exercises, adversary simulation, purple team operations, identity security, and endpoint security assessments.
- [Defensive Engineering](https://www.crimson7.io/services/defensive-engineering): Detection engineering services: validation, development, optimization, and threat hunting rules. Delivered as code.
- [Managed Security](https://www.crimson7.io/services/managed-security): Purple Rain managed purple team, managed threat hunting, and continuous detection validation services.
- [Specialty Services](https://www.crimson7.io/services/specialty): Hardware security, firmware and IoT assessment, industrial control systems, and physical security testing.

## Products

- [HackerFlow — Offensive Security Workflow Automation](https://www.crimson7.io/products/hackerflow): Streamline your red team operations from recon to reporting. HackerFlow automates the repetitive, so you can focus on the creative.
- [7Hunter - Threat Hunting Query Management Platform](https://www.crimson7.io/products/7hunter): Centralize 4,280+ KQL queries, 75+ runbooks, and full MITRE ATT&CK mapping. Turn weeks of manual hunt setup into minutes.

## Company

- [Our Work](https://www.crimson7.io/work): Real results from real engagements. See how we help organizations improve their security posture.
- [About Us](https://www.crimson7.io/company/about): A team of offensive security experts who believe defense improves when you think like an attacker.
- [Contact](https://www.crimson7.io/contact): Request a discovery call or get in touch with our security experts.

## Resources

- [Resources](https://www.crimson7.io/resources): Blog posts, research, tools, and educational resources from our offensive security experts.
- [Blog](https://www.crimson7.io/resources/blogs): Cybersecurity research, threat intelligence, and detection engineering insights from the Crimson7 team.
- [Research Reports](https://www.crimson7.io/resources/research): KQL-based threat hunting runbooks with detection queries, MITRE ATT&CK mappings, and investigation guidance for Microsoft Sentinel.
- [Downloads](https://www.crimson7.io/resources/downloads): Datasheets, playbooks, sample reports, and templates from Crimson7. Free resources for security professionals.

## Blog posts

- [Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria](https://www.crimson7.io/resources/blogs/hunting-phaas-operator-kali365): A phishing email landed in an employee's inbox. SPF passed. DKIM passed. DMARC passed. Spam score: 0.085/1.0. What started as a routine triage turned into a multi-day offensive hunt.
- [Bybit Hack Considerations](https://www.crimson7.io/resources/blogs/bybit-hack-considerations): Analysis of the cryptocurrency exchange breach, highlighting supply chain security and browser-based attack vulnerabilities.
- [APT38's New Game: Targeting Devs with Fake Coding Challenges](https://www.crimson7.io/resources/blogs/apt38-new-game): North Korean threat actors are leveraging GitHub to target software developers through fake job opportunities and technical interviews.
- [Conversion from Sigma Community to KQL That Works](https://www.crimson7.io/resources/blogs/sigma-to-kql-conversion): Our functional Sigma-to-KQL conversion utility compatible with the Sigma Community repository.
- [Managing Threat Hunting Content via APIs in Microsoft Sentinel](https://www.crimson7.io/resources/blogs/sentinel-threat-hunting-apis): API tools designed to streamline content management for threat hunting operations within Microsoft Sentinel.

## Events

- [Cybersec Europe 2026](https://www.crimson7.io/events/cybersec-europe-2026): Cybersec Europe is Belgium's leading cybersecurity exhibition and conference. The 2026 edition features a brand-new OT Theatre for operational technology security, an expanded Tech Theatre with hands-on demos and deep-dives, inspiring keynotes, talk shows, Q&A sessions, and interactive workshops. Meet the Crimson7 team to discuss adversary simulation, detection engineering, and managed security.
- [teissAmsterdam 2026](https://www.crimson7.io/events/teiss-amsterdam-2026): Nick Maeckelberge from Crimson7 will be participating in a panel discussion at teissAmsterdam 2026 on using AI to operationalise cyber threat intelligence. The session covers transforming raw threat intelligence into actionable detection and response insights, automating detection pipelines, and validating defences using real-world adversary behaviour.

## Legal

- [legal](https://www.crimson7.io/legal)

## Optional

- [Sitemap XML](https://www.crimson7.io/sitemap.xml): Machine-readable URL list for crawlers