The Synaptic Security Blog is part of the Malwarebox initiative, an independent European malware analysis and cyber threat intelligence ecosystem.
We publish original research, investigate adversary infrastructure and delivery chains.
We build tooling that helps analysts turn fragmented observations into structured, reusable intelligence.
We are looking for people who want to do serious work.
Who we are looking for
Analysts
We work with malware analysts, threat researchers, reverse engineers, infrastructure trackers and independent researchers who want to publish under their own name.
You bring the research and your perspective.
We can help with technical review, structure, editing, visualisation and distribution, without taking ownership of your work or hiding the person behind it.
Editorial independence matters to us.
Contributors remain free to present their findings, conclusions and professional opinions in their own voice.
We provide review and challenge where it strengthens the work, but we do not impose institutional talking points, suppress uncomfortable findings or turn independent research into polished corporate messaging.
Engineers
Malwarebox is building complex CTI tooling (KRAKEN, MANTIS, IIM, …) around malware analysis, infrastructure intelligence, adversary tracking, structured attack chains, automation and analyst workflows.
We are looking for engineers who enjoy difficult technical problems and want to help build tools that go beyond flat IOC lists, dashboards and yet another threat feed.
People who want to learn and teach
You do not need to know everything.
You need curiosity, technical discipline and the willingness to share what you learn.
We want Malwarebox to be a place where experienced researchers can pass on knowledge, while new analysts get the opportunity to work with real data, real investigations and real tooling.
Peers and partner organizations
We also welcome direct exchange with analysts, research teams, communities, companies and public-sector organizations.
This can be as simple as comparing observations, sharing perspectives, discussing methodologies or exploring a bilateral intelligence and knowledge exchange, without requiring a formal partnership or public collaboration.
What we are building
Intelligence for defenders
We produce both public and internal intelligence for the security community, researchers, companies, public institutions and other organisations that need a clearer view of adversary activity.
The goal is intelligence that can actually be understood, reused and acted upon.
CTI training
We provide practical training around malware analysis, infrastructure research, threat intelligence, analytical methodology and the reconstruction of complete attack and delivery chains.
Training built around the way real investigations work.
European sovereign tooling
Malwarebox is building analyst infrastructure that is developed, operated and controlled in Europe.
This includes open models and research as well as specialised tooling for collecting, structuring, connecting and analysing threat intelligence.
Bring your own signal
You can contribute a single investigation, publish regularly, help us build tooling, teach something you know or join an existing research effort.
You do not need a large following or a polished personal brand.
You need something real to contribute.
Research with us. Build with us. Learn with us.