PIKERED SRL

At Pikered, we focus on offensive security services and solutions. Our main product, ZAIUX Evo, is a Breach & Attack Simulation (BAS) solution. It is able to fully automate a realistic attack scenario, targeting IT infrastructures and simulating attacker behavior after the first entrypoint (e.g. a phishing email), with the creation of a Command And Control tunnel with a dedicated Cloud sandbox. This is done without the need of any whitelisting rule on the defensive solutions (Anti Virus, EDR/XDR...), which are actively tested by our software. The execution of a BAS is started using an html file, which we call an "ethical malware", from a host in the target network. After successful creation of the Command And Control tunnel, it performs a domain privilege escalation inside the MS Active Directory domain, employing all the stealth techniques that an attacker would use in a real scenario, avoiding service disruptions, host crashes and user lockdowns. Each BAS can be monitored from a centralized Web platform, and at the end of the execution a clear and concise report is produced, giving insights on the hacking techniques that were successfully performed and including references to the MITRE ATT&CK Framework for the related Remediation activities. Our licensing model is oriented to service providers, with a pay-per-use approach based on execution tokens with scalable pricing, up to flat licenses. ZAIUX (the first version, now improved with ZAIUX Evo) has been awarded with the "Top of the PID" award in 2022. We have taken part in various events, among which: IT-SA 2021 (Nuremberg), Cybertech 2022 (Rome), HackinBo Business Edition 2022 (Bologna), Security Summit 2023 (Milan), SMAU Italy RestartsUp 2023 (Paris), InfoSecurity Europe 2023 (London) and recentrly we have been awarded by TIM thanks to the innovation of ZAIUX Evo in support of IT security and Made in Italy technologies.