.about .authors .software .categories
Threat intelligence for remote & open source organizations

Ketman

We recommend reading “Introducing Ketman Project” for a detailed breakdown of our approach to threat intelligence and open source software security.

Together with SEAL we have built a full guide for discovering, engaging and mitigating DRPK IT Workers in organizations - DPRK IT Workers Framework.

Don’t forget to also checkout SEAL’s DPRK IT Workers dossier at Lazarus.Group to which Ketman contributed.

The project was possible thanks to the contribution from Ethereum Foundation Grant Program.

We also want to extend many thanks to Epieos.com- The OSINT platform that led to many successfull pivots on the DPRK IT Worker data.

Contact

You can contact Ketman members directly or:

Telegram: @seal_tips_bot - For an immediate help with DRPK IT Workers threat. Please validate your claims to the best of your abilities before contacting SEAL directly.

What We Do

  • Active threat hunting for DPRK IT Workers and other impersonators in the software development space
  • Assessing risks for open source organizations, red teaming hiring pipelines, and evaluating remote contributors
  • Developing automated software solutions for organizations and security teams
  • Deep digital due diligence leveraging battle-tested experience

When We Can Help

  • You require background checks on current or past contributors. You want to verify contributors are who they claim to be.
  • You need to eliminate potential entry points into your organization via remote contributors
  • You’re dealing with excessive PR/Issue spam
  • You require an evaluation of your partnership team’s security and quality
  • You want to stay informed about the latest insider threats and their TTPs

Name

Chapter III of Czesław Miłosz’s book “The Captive Mind”:

This chapter draws upon the writings of Arthur de Gobineau, a 19th-century French diplomat assigned to present-day Iran. In his Religions and Philosophies of Central Asia, Gobineau describes the practice of Ketman, the act of paying lip service to Islam while concealing secret opposition. Describing the practice as widespread throughout the Islamic World, Gobineau quotes one of his informants as saying, “There is not a single true Moslem in Persia.” Gobineau further describes the use of Ketman to secretly spread heterodox views to people who believe that they are being taught Islamic orthodoxy. Miłosz describes seven forms of Ketman applied in the People’s Republics of the 20th century…