Herengracht 447A 1071BR Amsterdam
Meet your Ransomware Negotiator
Matt Saglam is a distinguished figure in the realm of cybersecurity, renowned for his expertise in ransomware negotiation and dark web research. At the forefront of ChainBreak, he provides specialized ransomware negotiation services, leveraging his extensive experience to achieve remarkable results, including negotiating discounts of up to 87%. His proficiency in this field is backed by his establishment and leadership of a skilled team that monitors the dark web for over 17,000 companies, a testament to his deep understanding of the cyber threat landscape.
As a seasoned cyber threat intelligence expert, Matt’s career has been marked by significant contributions to proactive cyber attack prevention. He was instrumental in leading a team of over 40 threat intelligence analysts at SOCRadar, where he provided Attack Surface Management, Digital Risk Protection, and Cyber Threat Intelligence services to a diverse client base of more than 20,000 companies worldwide.
Matt’s commitment extends beyond professional services, as he actively supports National Computer Emergency Response Teams (CERTs), Information Sharing and Analysis Centers (ISACs), and various enterprises, addressing their complex threat intelligence needs. His qualifications include certifications as a Threat Intelligence Analyst, Ethical Hacker, and Red Team Professional, complemented by a Master’s degree in Computer Science from Virginia Tech.
A community-centric individual, Matt initiated the Security for Community, a non-profit cybersecurity organization. This initiative focuses on providing actionable threat intelligence to organizations and individuals, aiming to proactively prevent cyberattacks. In addition, his role as a professional Ransomware Negotiator and a threat intelligence advisor to DefendMe.AI, a pioneering GenAI-based personal security advisor, further highlights his extensive knowledge and commitment to cybersecurity.
His previous experience includes training individuals in threat actor engagements on hacker forums, demonstrating his versatile skills and deep understanding of the cyber threat environment. Matt Saglam’s comprehensive expertise and dedication make him an invaluable asset in the field of cybersecurity and ransomware negotiation.
Ransomware negotiation is a specialized process that takes place after a ransomware attack on a computer system or network. In a ransomware attack, the attackers typically encrypt the victim’s data and demand a ransom, usually in cryptocurrency, for the decryption key.
The main steps are;
Yes, you can. Please contact our negotiation team. [email protected]
Yes, we provide cryptocurrency ransom payment service.
After contacting our negotiation team, we provide an initial questionnaire form that includes basic information about your company (the victim), the status of the incident, and your expectations. Our negotiation team uses that information to do their initial research, and they provide an Initial Intelligence Report.
No, the goal of the Initial Intelligence Report is to provide intelligence about the attacker, risks of making and not making a payment. We also share the initial quote with the intelligence report to enable you to analyze the risks and give the right decision. Our paid service starts after approving the service terms and the initial quote.
Depending on the victim’s and threat actor’s expectations, the negotiation can take 24 hours to a week. Our goal is to reach your expected payment amount as soon as possible.
Threat actors mainly request ransom payments using cryptocurrencies. You can do the transfer using your own crypto wallets, or request support from us to manage the payment.
We start charging for our Ransomware Negotiation service only when we reduce the ransom payment by 50%. Our records show that we reduced the payments by up to 87.5% within the last two years.
When you use our negotiation services, we provide a complimentary 30-day Dark Web Monitoring service to detect if any data is shared.
ChainBreak provides managed Attack Surface Management (ASM) and Digital Risk Protection (DRP) services to prevent cyber attacks before happening. ASM service provides visibility on your digital infrastructure by discovering unknown assets, and detecting vulnerabilities and configuration weaknesses on them that threat actors exploit. DRP service provides dark web monitoring, phishing prevention, code repository monitoring, and cloud instance monitoring to eliminate critical factors that the attackers use to conduct their attacks.