[616c]

So I am still reading through their Linux container security paper, and I like their stuff, but who are these NCC people? In the last few months I have seen multiple postings on their papers and blog posts, seemingly out of nowhere, never having heard of them pry to the container paper.

[dyn-]

Glad to hear it. As mytummyhertz said, NCC Group (where we both work) is made up in the US from iSEC Partners, Matasano Security and Intrepidus Group consultancies (who were all purchased by NCC Group in the last few years). In the UK it's primarily NGS. iSEC Partners/Matasano/Intrepidus Group/NGS have published research/security presentations/tools (sslyze) etc for years.

[616c]

I am kind of new to the infosec scene. I was curious because your stuff seems thorough, but the new TLD domain made me wonder where you all came from, like rebranding or something else. Sounds like a little column A, little column B.

My favorite quick security tool on Linux is firejail, which uses seccomp-bpf under the hood. So I was quite excited to see in your container paper discussion of that and the interaction of Linux subsystems I do not really grok.

Keep up the good work. Obviously not all for me, but I benefit. :-)

[dyn-]

Thanks, firejail is a nice little tool. Yeah the .trust TLD isn't a rebranding or anything, just another NCC Group side-project.

[mytummyhertz]

NCC = matasano + iSec + intrepidus group

:D

[616c]

Thanks. That explains some things.

[baby]

There are also the crazies at Fox-IT.