UMBRASEC is a new, independent, one-person defensive security research project, started in 2026. It isn't a company, a collective, or a consultancy — it's an individual researcher publishing detection engineering, threat analysis, and small open-source defensive tools, in the open.
The project publishes technical, defender-focused writeups: detection-engineering guides with rules you can run, breakdowns of real techniques mapped to MITRE ATT&CK, mitigation guidance, and honest analysis of current threats and CVEs. Every factual claim is tied to a primary source — vendor advisories, ATT&CK, CVE records, or reputable reporting.
It does not publish working exploits, malware, jailbreak libraries, or offensive tooling. The research describes how attacks work only to the depth a defender needs to detect and stop them. This is a deliberate scope choice: shipping functional attack material would make the project a liability, not an asset.
You won't see report counts, disclosure tallies, or claims of years of operation here — because the project is days old, and inventing those numbers would be dishonest. A brand-new site advertising a long history is a red flag, and rightly so. The plan is the boring, honest one: publish genuinely useful work, let it be checked, and let any reputation grow from there.
The project is run under a handle rather than a legal name, which is common and accepted in security research. What matters for trust isn't the name on it — it's whether the rules run, the sources check out, and the analysis holds up. All three are things you can verify yourself.
If a detection misbehaves, a citation is wrong, or an analysis is off, that's exactly the feedback this project wants. Open an issue on GitHub or email [email protected]. Corrections make the next version better and are credited.
Standing commitments: defensive scope only · every claim sourced · free to read, no paywall or email gate · support is optional, never required · honest about what exists and what doesn't.