PUNCH is a cyber-consulting firm that provides advanced analytics and strategic support to government and commercial clients. Our primary focus is in improving an organization’s awareness of and ability to manage a growing cyber threat environment. We focus on bolstering cyber preparedness by improving an organization’s analysts and the tools at their disposal.
Security Operations, Threat Intelligence and Incident Response
PUNCH provides support to Security Operations Center (SOC) analysts, including advanced intelligence reporting and contextualization, Tier III escalation, and custom tool development. We assist SOCs from conceptualization to optimization, drawing on a decade’s experience monitoring and preventing globally significant cyber threats and attacks to inform our client support.
PUNCH provides advanced threat hunting to commercial and government organizations. We work with our clients to assess their current security posture, identify data orchestration approaches that net quick and long-term enterprise wins, and provide proactive hunters to operate as their “eyes and ears” within complex networks. Our Hunt Cell consists of expert-level analysts with significant experience generating tailored hunt methodologies, as well as deep domain and sector-level expertise.
PUNCH conducts technical analysis of varied data types and scale, threats, artifacts, and hardware & software systems. PUNCH has decades of experience conducting packet-level and session-level analysis of network traffic, reverse engineering software, dynamic analysis, and continuous monitoring to develop understanding and conclusions of capabilities, vulnerabilities, and threat.
Research and Development
PUNCH researches new and scalable methods of analyzing cyber data, including network traffic, log analysis, and malware as well as client development for cyber operations, open-source project development, and commercial development ranging from back-end analytic and storage systems to front-end visualization and collaborative platforms to enhance and enrich the analytic process.
Doing Business with PUNCH?
PUNCH has been awarded a United States General Services Administration (GSA) Schedule 70 contract, number GS-35F-323DA under the category of Information Technology Professional Services. This contract allows all federal agencies access to PUNCH to help meet their cyber security needs.
Brent Wrisley founded PUNCH out of a desire to help organizations tackle cyber security more efficiently. He was frustrated by industry approaches designed to introduce complexity and costly tools, while classic defense-in-depth techniques were subordinated. As Chief Executive Officer, Brent built a company that preaches innovative approaches to network defense, but always with an eye toward demystifying and simplifying. He formed this vision from decades spent building, supporting and leading operational cyber organizations. As one of the founding members of the Department of Homeland Security’s US-CERT, Brent has been around long enough to witness the en masse creation of a cottage industry of “cyber-y” buzzwords. At the end of the day, Brent’s passion was to create a company that resisted fear-mongering, promoted awareness and collaboration, and exhibited a genuine concern for industry partners and friends. In his spare time, Brent deplores writing about himself in the third person, possesses an n+1 need for new guitars, as well as the occasional craft beer. More hops rather than less, always.
Chris McIlroy came at cyber the old-fashioned way: he fell into it. A longtime national security/homeland security adherent, Chris began his career helping State homeland security offices stand up operations shortly after 9/11. He focused on increased risk reduction and improved information sharing between business and government at all levels. As threats evolved, Chris moved away from physical to virtual, assisting the Department of Homeland Security, Department of Defense, European Commission, and Fortune 500 companies along the way. Along with Brent and Mike, Chris founded PUNCH out of a desire to create a different kind of company, one that resisted Beltway Forces--focused on doing work that is cool, for clients who need it. He excels at guiding clients through the cyber risk process from a threat-centric vantage point, identifying better return on investment and reduced risk. Lastly, Chris cycled 4000 miles last year, so if you need him start with the local espresso joints. Erstwhile attorney. Defender of the Brand. Recovering grammarian. The Clash is the only band in rock that matters.
Mike Geide has devoted his career to advancing and evolving custom analytical approaches to network defense. A founder at PUNCH, Mike draws on his previous experiences with US-CERT and Zscaler to generate tailored threat intelligence and operational solutions for PUNCH clients. He has a knack for quickly identifying root problems and formulating strategic pathways for resolution. As Chief Technology Officer, Mike advises all PUNCH clients on the efficient harnessing of security tools, operational methods, large data science projects and native/external threat intelligence. He excels at removing the “noise” from client environments, freeing analysts to do what they do best: act quickly to prevent compromise. Mike knows one speed: full out. Not surprisingly, Mike likes to run…A LOT. Like, Boston Marathon-qualifier a lot. If you can’t find him, best to search the local Northern Virginia trails first. Better move.
The Policy informs you of our policies regarding the collection, use, and disclosure of personal information when you register for and use our Service. In particular, our policy notifies you about the following issues:
What personally identifiable information we collect from you through the Service, how we use it and with whom we may share it.
What choices are available to you regarding the use of your information.
The security procedures in place to protect your information.
How you can contact us to correct any inaccuracies in the information or for any other reasons.
Information Collection, Use and Sharing
We are the sole owners of the information collected on or through the Service. By using the Service, you agree to the collection and use of information in accordance with this Policy.
Information Collection and Use
We collect information from you when you register for the Service, we may ask you for information that may include, but is not limited to, your name, address, phone number, email address, and other information. At your option, you may also provide demographic information (such as gender or age) about yourself, but such demographic information is not required.
We will use your information for providing and improving the Service, as well as identifying and communicating with you, responding to your requests or inquiries.
When you access the Service by or through a computing or mobile device, we may collect certain non-personal information automatically. Such information includes, but is not limited to, the type of computing or mobile device you use, your mobile device unique ID, the IP address of your device, your device’s operating system, the type of Internet browser you use and other statistics. We also gather certain non-personal information, such as internet protocol (IP) addresses from visitors to our websites and store that information in log files. We use this information, which does not specifically identify individual users, to analyze trends, track user movements around our site and to administer the site.
Unless you ask us not to do so through our “opt-in” or “opt-out” procedure (see next section), we may contact you via email in the future to tell you about special offerings, new products or services, or changes to this Policy. We may also use your information to contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you.
In furtherance of attempting to protect against unauthorized access, intercepting malware or to avoid or deter other cyber intrusions, we may monitor network traffic for purposes of intrusion prevention, intrusion detection, identify traffic emanating from known bad actors, identify known signatures, and the like. At no time will this Service monitor or examine network traffic for any purpose other than the protection of customer information assets and ensuring appropriate and legal use of communications network resources and network performance.
We may use and store information about your location depending on the permissions you have set on your device. We use this information to provide features of our Service and to improve and customize our Service. Please see the paragraph below regarding location information to understand your options with regard to that information.
The Service will capture and/or retain small amounts of network traffic related to specific vulnerabilities for identifying intrusion attempts, to confirm security incidents, and/or to aggregate statistics about customer use of the Service.
Information Disclosure and Sharing
We will not use, sell, trade or otherwise share or transfer your personally identifiable information with any third party outside of our organization without first providing you with advance notice, except as described in this Policy. We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services, and to assist us in analyzing how users use our Service. These third parties have access to your information only to perform specific tasks on our behalf and are prohibited from disclosing or using your information for any other purpose.
We will disclose your information where required to do so by law or subpoena, or if we believe such action is necessary to comply with the law and the reasonable requests of law enforcement, or to protect the security or integrity of our Service. We may also release your information when we believe such release is required to enforce our Service policies, or to protect ours, our customers’, or others’ rights, property, or safety.
Your Options Regarding Your Information
Opt-In or Opt-Out: You may opt out of any future contacts from us at any time or change any of your account information by accessing the “My Account” section of the Service, by following the unsubscribe link or instructions provided in any email we send, or by contacting us. Any change will be effective for emails, orders or other action not yet in process. We may also retain any information changed or deleted by you for record-keeping purposes.
Cookies: You have the ability to accept or decline the use of tracking cookies. Most browsers automatically accept cookies, but you can instruct your browser to refuse all cookies or to indicate when a cookie is being used. The Help feature of most browsers provides information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. If you choose to decline cookies, you may not be able to sign in or use other features of our sites and services that depend on cookies, but you will be able to perform basic navigation through the Service.
Location: You can enable or disable location services when you use our Service at any time, through your device location settings.
The security of your information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. When you submit sensitive information to the Service, your information is protected both online and offline.
If a password is used to protect your account and personal information, it is your responsibility to keep your password confidential. You must also require any employees or other representatives to whom you grant access to the Service to maintain the confidentiality of all passwords.
Wherever we collect sensitive information (such as, but not limited to, credit card data), that information is transmitted to us in a secure way through the use of Secure Socket Layer (SSL) technology and is then encrypted. You can verify this by looking for a closed lock icon in the user interface of your web browser, or looking for "https" at the beginning of the address of the web page.
In addition to using encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees or contractors who need the information to perform a specific job (for example, billing or customer service) can have access to your sensitive information. In addition, the computers and servers on which we store sensitive personal information are kept in a secure environment.
Please understand, however, that no method of transmission over the Internet, or method of electronic storage, is 100% secure. As such, although we strive to protect your personal information, we cannot guarantee its absolute security.
You must promptly notify us if your credit card, user name, or password is lost, stolen, or used without permission. In such an event, we will remove that credit card number, user name, or password from your account and update our records accordingly.
Your information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the information, including your personal information, to the United States and process it there. Your consent to this Policy followed by your submission of such information represents your agreement and consent to that transfer.
In the unlikely event that individual personal information has been acquired, or is reasonably believed to have been acquired, from us by an unauthorized individual and applicable law requires notification, we will notify the affected users of that breach. We will provide such notice promptly, although notification may be delayed, e.g., if we or any law enforcement agency determines that notification would hinder an investigation.
Children: Our Service does not deal with information relevant to children under the age of 13. As such, we do not knowingly collect personally identifiable information from such children. If you are a parent or guardian and you learn that your children have provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will take steps to remove that information from our servers and other systems.
Access to Your Personal Information
Any time you would like to see the personal information we maintain about you, you can request a copy of such information. Simply send an email with “Personal Information Request” in the Subject line to the email address indicated below. You can also receive this information by sending a letter to the address indicated at the end of this Policy. We will do our best to respond to your request within a reasonable time. At a minimum, we will contact you within 30 days to tell you approximately how long it will take us to fulfill your request.
If your personal information changes and you would like to update the personal information in our records, please send an email requesting those changes to the email address indicated below. Alternatively, you can send us your requested changes by mail to the address indicated below.
We reserve the right to update or change this Policy at any time and you should check this Policy periodically. Such changes will be effective immediately after being posted on this page. Your continued use of the Service after we post any modifications to the Policy on this page will constitute your acknowledgment of the modifications and your consent to abide by, and be bound by, the modified Policy. If we make any material changes to this Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice here on this Policy page or our homepage.
If you have any questions or suggestions about this Policy or if you wish to correct any inaccuracies in the information you have submitted to us, please contact us at one of the following contact points:
Punch Cyber Analytics Group 20319 Portsmouth Blvd. Ashburn, VA 20147-7417 USA