FARPSEC is a security research lab. We reverse-engineer OS internals and find architectural vulnerabilities before they go public. The defensive tools we ship come out of that work.
Published papers and technical disclosures on macOS, iOS, and enterprise software.
Advisories, shorter writeups, and opinion pieces straight from the people doing the work.
Security tooling built from our offensive research. Detection based on real exploit chains, not signature lists.
Good defense starts with knowing exactly what the system does.
Perimeter defenses fail when the architecture behind them shifts and nobody notices. We track those shifts version to version and pin down the exact points where behavior stops matching the documented design.
Our FARP and FALE pipelines run this at scale, flagging regressions in IPC boundaries and entitlement checks across OS releases. Every finding ships with a proof of concept that reproduces. Every defensive product we build comes out of something we broke first.
Enterprise deployments, research collaboration, or coordinated disclosure.
contact@farpsec.xyz