It's difficult to see negative rings.
We have a specific focus on advanced malware and firmware. The latter is increasingly a preferred choice of well funded adversaries for penetrating high value assets. Firmware often lacks an abstraction layer such as that provided by the OS or hypervisor for detecting security events granting attackers a realm to operate with relative impunity. Malicious implants of this type gain above-admin access to critical infrastructure and design-level invisibility to normative security software which at best is running at ring -1 (VT-x).
Our group specializes in monitoring firmware for anomalies. Via collaborations with respected open source efforts, we access various low level interfaces and firmware. We are building solutions for Windows, Linux, OS X that provide extraordinary visibility into system firmware (incl. BIOS/UEFI incl. shell) and hardware of all types.
We also offer one of the industry's pioneering firmware analysis web-service crafted with love by our team across the USA and Australia.