1. About Strategic Cyber LLC

Strategic Cyber LLC produces Cobalt Strike, a software platform for Adversary Simulations and Red Team Operations. Adversary Simulations and Red Team Operations are security assessments that replicate the tactics and techniques of an advanced adversary in a network. While penetration tests focus on unpatched vulnerabilities and misconfigurations, these assessments benefit security operations and incident response.

Cobalt Strike's Mission

Close the gap between penetration testing tools and advanced threat malware.

Cobalt Strike's Vision

Relevant and credible adversary simulations that:

  • produce battle-hardened security analysts
  • drive objective and meaningful security advances
  • educate security professionals and decision makers on advanced threat tactics

2. Compliance and Ethics Statement

Strategic Cyber LLC is committed to executing its mission and achieving its vision in a lawful, professionally responsible, and ethical way.

Strategic Cyber LLC uses the following tools to meet this commitment:

  • A public commitment to and summary of Strategic Cyber LLC's lawful and ethical behavior measures (this document)
  • An internal use business operations manual that documents policies and procedures in conjunction with their compliance and ethical considerations
  • Proprietary software that aids consistent application of internal procedures related to user screening and export compliance
  • A team of expert service providers that assist with and advise on general business actions, accounting, trade compliance, and matters specific to offense software

3. Product Control Statement

Functionally, Cobalt Strike aspires to differ little from the advanced threat malware it emulates. As Cobalt Strike makes progress on its defined mission, the dual-use potential of the product becomes a greater challenge. Strategic Cyber LLC's goals are to ensure Cobalt Strike is a force for good that empowers security professionals.

Towards those ends, Strategic Cyber LLC has processes and technology measures to:

  • Limit distribution of Cobalt Strike to security professionals who will use the product for ethical penetration testing purposes only
  • Make Cobalt Strike less attractive to malicious actors
  • Discourage uncontrolled proliferation of the licensed Cobalt Strike product

The Export Compliance Statement documents some of these measures. In addition, Strategic Cyber LLC degrades the trial product's ability to evade defenses and adds a customer identifier to files generated by the licensed product.

4. Export Compliance Statement

Strategic Cyber LLC's Cobalt Strike product is controlled by U.S. export control regulations and the company is committed to compliance with all U.S. laws, to include the U.S. Department of Commerce Export Administration Regulations and the regulations administered by the Department of Treasury Office of Financial Assets Control.

The Department of Commerce issued a Commodity Classification determination to Strategic Cyber LLC classifying Cobalt Strike under Export Control Classification Number 5D002.c.1. This classification dictates the circumstances, countries, and types of end-users to which Strategic Cyber LLC may export Cobalt Strike. Strategic Cyber LLC only makes export sales and trial fulfillments that comply with these restrictions. Strategic Cyber LLC reports all export sales and trial fulfillments of Cobalt Strike to the U.S. government.

Strategic Cyber LLC maintains a comprehensive export control compliance program to comply with U.S. export control regulations. This program also prevents fraud, denies adversary access to Cobalt Strike, and preserves the trust of Strategic Cyber LLC's customers.

As part of its export compliance program, Strategic Cyber LLC:

  • obtained U.S. government confirmation of export controls applicable to Cobalt Strike;
  • screens every trial request and order for signs of subterfuge and other red flags;
  • screens every export order and export trial request against U.S. Government prohibited party lists, to include the OFAC Specially Designated Nationals List, which includes known terrorists, agents of oppressive regimes, and persons subject to sanctions related to malicious cyber-enabled activities;
  • performs a risk assessment on every trial request and order, which takes into consideration such factors as an end-user's plausible use case and geographic location;
  • limits downloads of its product to approved trial requests and customers;
  • expressly requires customer agreement to U.S. export control restrictions and ethical use of Cobalt Strike in its End User License Agreement; and
  • requires that certain customers certify their agreement to the terms of an End Use Statement with more specific explanations of allowed uses and the limitations imposed by U.S. export controls.

5. Legal Requests

Strategic Cyber LLC is committed to cooperating with U.S. government law enforcement agencies and complying with valid legal process.

As a general matter, non-public information about our customers will not be disclosed in response to a request from a third party except when we receive a subpoena, court order, or other valid legal process.

Strategic Cyber LLC's legal counsel carefully examines each records request to ensure compliance with the law, including the Stored Communications Act. If we believe a request is overbroad, we may negotiate to narrow it or ask the issuing party to seek an adequate form of legal process to obtain the requested information.

6. Intellectual Property Statement

Strategic Cyber LLC respects the intellectual property rights of others and aims to comply with all applicable U.S. laws regarding intellectual property.

A list of third-party components (both open source and commercial) incorporated into Cobalt Strike is available in the product's readme.txt file. This file also documents the license of each component and its source. Strategic Cyber LLC complies with these licenses and keeps this information up to date.