Clarified Security

Clarified Security

Share

Clarified Security is an Estonian information security company focused in delivering practical security services. Our home market is the "IT wonderland" of Estonia where Web is the glue and delivery mechanism of most of these wonders. Thus, our strongest focus has been on manual WebApp pentesting while being generally happy to break anything that offers us technical challenges. We also teach pract

Photos from NATO Cooperative Cyber Defence Centre of Excellence's post 27/04/2026

A month ago the Red Team leader has to answer a question by the Blue Teams - "How many attacks can we expect and how many of our systems are compromized?" He just calmly said "All of them!"

As the exercise showed, he is a man of his word! Thank you Blue Teams for the greatest and most challenging exercise so far!

09/03/2026

How many attacks can we expect and how many of our systems are compromized?" is a very frequent question by all Blue Teams. Taavi has a very simple answer "All of them"
Good luck for the upcoming exercise to all the Blue Teams and see you in your systems!

🎬 A glimpse behind the scenes of Locked Shields: Red Team

Continuing to introduce the people behind Locked Shields – meet Taavi Sonets, who has been leading the Red Team for several years, the hackers who act as an adversary against Blue Teams defending a fictional nation's systems.

🔹How many years have you been involved in Locked Shields, and in what roles?
I’ve been part of Locked Shields since 2015. I started as a web attacks operator on the Red Team, later moved into client-side attacks targeting the internal networks environment, and over time progressed through several leadership roles. Since 2020, I’ve been the overall Red Team lead responsible for coordinating all Red Team subteams. Coincidentally, that was the year the exercise was cancelled due to COVID, and the following year it was held remotely.

🔹The Red Team stays behind the scenes. How much can you tell us about the team?
The Red Team is a diverse group of highly skilled specialists from around the world. We bring together experts in web attacks, client-side attacks targeting back-office environments, and infrastructure attacks that include both traditional networks and cyber-physical or operations technology systems.
Alongside the attack teams, we also have supporting roles responsible for infrastructure, development, innovation, and internal coordination. All of this helps us simulate a sophisticated and realistic adversary during the exercise.

🔹Approximately how many attacks can the Blue Teams expect during the exercise?
The safest assumption for the Blue Teams is: all of them.

🔹How do you ensure the attacks remain realistic and relevant to current threat landscapes?
We base our activities on real-world threat intelligence and lessons from recent incidents. The team continuously monitors how attackers operate and adapts the scenarios accordingly, so the Blue Teams face challenges that reflect today’s threat landscape rather than purely theoretical attacks.

At the same time, we like to give some of the classic techniques a new spin. Locked Shields is a unique exercise environment that allows us to combine realistic attacker behaviour with a level of complexity that can sometimes even exceed what organisations experience in day-to-day operations.

🔹If you could give one wish or piece of advice to the Blue Teams this year, what would it be?
We will hack you. Good luck!

Follow us to meet the teams behind LS26!

24/09/2025

Joining BSides crowd tomorrow? Mait has prepared some really special treats for his workshop this year!
As the places are limited, remember - early worms can enter without the pin!

Photos from NATO Cooperative Cyber Defence Centre of Excellence's post 09/05/2025

Thank you Blue Teams for a great game! Congratulations to everyone who made it until ENDEX!
See you in your systems!

Infoturve ja sellega kaasaskäivad eksimused | Andmekaitse Inspektsioon 29/05/2024

Elar Lang käis Andmekaitse Inspektsioonil külas ja rääkis nii turvatestimisest kui paroolide ja veebide turvalisusest. Tahad teada, mis on O-eriline, kuidas riik Su paroolide turvalisusesse panustab ja millal võib juhtuda, et ründajad Sinu eest turvapaiga peale panevad? Kuula Andmehäälingust!

Infoturve ja sellega kaasaskäivad eksimused | Andmekaitse Inspektsioon Teinekord piisab ohu tõrjumiseks vaid paarikümnest eurost.

Want your business to be the top-listed Computer & Electronics Service in Tallinn?
Click here to claim your Sponsored Listing.

Telephone

Address


Lõõtsa 12
Tallinn
11415