News

2024, August 14^th — Web site published!

Embracing simplicity, we've designed and developed this initial web presence to faciliate connection. We hope that by putting ourselves out there, we will find more likeminded folks to collaborate with. I, personally, thank everyone that helped get this done — my family, the logo designer, support and feedback from peers. This wouldn't happen without all of you.

2024, March 6^th — Open for business!

Magnetite Security is founded! We are looking to collaborate towards our goals! If you see yourself as a potential partner, investor, advisor, or contributor please reach out.

Company

Magnetite Security is a computer security company based in Cedar Park, TX that was founded by Joshua J. Drake in 2024.

Josh is a 25-year computer security industry veteran with deep technical experience in building and breaking software of all kinds. His journey and experience are documented on his personal site.

The company was founded in 2024 to work towards Josh's vision for a better and safer future for computing. We embark on this journey armed with modern memory-safe-by-default programming languages and extensive security expertise. We embrace and evangelize openness and transparency. It's only by working together that we can achieve our vision.

Although we entertain client work, we understand that each of us only has so much time in each day. We prefer working with clients, and on projects, that are aligned with our vision and help us further our research and development goals.

We are big believers in open source. Whenever possible, we release everything we can publicly for the betterment of society. If you believe too, ask us about our open source and transparency discounts.

Research and Development

Our dedication to memory-safe-by-default programming languages and our perspective on the state of security in today's ecosystem give rise to our vision that the software behind many crucial technologies needs rethinking. Our research and development initiatives work towards a better future.

• Rust Implementation of Bluetooth Specifications
• Rust Implementation of 4G/5G Cellular Protocols

Services

Magnetite Security is pleased to offer a wide variety of deeply technical engagement. We specialize in layers of the software stack below user-facing applications including; boot loaders, firmware, drivers, kernel, operating system daemons, and more. We have experience with Trusted Execution Environment (TEE) and a multitude of popular platforms and operating systems.

Software Re-writes: Modern memory-safe-by-default programming languages are a major part of our vision. This offering involves assessing, designing, and developing compatible implementations of existing legacy software.

Exploit Development: Programming weird machines is a unique art. Exploit developers engage to craft high quality exploit code meant to demonstrate the impact of identified vulnerabilities. Other work that falls under this category includes stability testing, porting, and scaling.

Patch Development: Seasoned software developers and security specialists work to identify sound code changes that eliminate identified vulnerabilities. We are able to support both source code and binary patching efforts.

Source code review: Software security experts meticulously review your software using strategies that are proven to find defects.

Binary code review: Reverse engineering and security specialists review binaries of your choosing in an attempt to discover any latent vulnerabilities that may lie within.

Firmware Analysis: Armed with only a black-box firmware, security specialists analyze your artifacts to reveal security issues. When needed, this offering produces tools and documentation for working with the provided firmware.

Fuzzer Development: Testing is one of the most important parts of secure software development. Through this service, security and development specialists will design and implement a fuzz testing regimen to help give you confidence in your deployments.

Security Testing: Expert software test engineers work with security specialists to design and implement a suite of tests to verify that security goals are being met.

Customized Training: Veterans compile copious amounts of information and attempt to guide your staff through the material. Topics are open for discussion. This offering can range from one-hour lectures to multiple-day sessions.

Software Security Assessment: Analysts use a variety of open source and custom tooling to produce a report estimating the level of effort needed to secure a code base. This offering involves only the beginning of what is offered in a Source Code Review.

Threat Modeling: Engage with security experts to understand the threats that face your software -- and the users of it. This offering involves everything from documenting roles, actors, and threats to identifying potential mitigations.

Protocol Analysis: Security specialists will analyze your protocol and provide guidance on how it can be hardened against attack. This offering also covers validating existing implementations behave properly according to standards.