Invisible Things Lab offers the following services:
- Low-level security consulting and auditing, including:
- x86 virtualization technologies
- C, C++, and assembly codebases
- Intel SGX
- Binary exploitation and mitigations
- Qubes OS consulting (including deployment, debugging, and feature development)
- Gramine consulting (including deployment, debugging, and feature development)
Contact us to obtain a quote for any of these services.
Low-level security consulting and auditing
With our extensive background in system-level security research, our expert team of world-class security specialists is prepared to audit your C, C++, and assembly code across a variety of architectures, such as x86, ARM, MIPS, and many more.
We’ve been working at the forefront of Intel SGX for many years (see Gramine consulting), and we’re ready to bring that expertise to bear on your SGX use cases, from helping you devise, deploy, and audit SGX-based solutions to consulting on the security of SGX itself.
Whereas most teams specialize exclusively in either offensive or defensive security, ours is renowned in both. Invisible Things Lab has presented numerous attacks against virtualization systems and Intel security technologies, including a famous series of exploits against Intel Trusted Execution Technology.
Our attack against Intel VT-d, allowing for a full VM escape, is still the only one that has been demonstrated. We’re also known for showing that it’s possible to break into Intel vPro BIOS and Active Management Technology. This expertise in how to “break” secure systems gives us a unique advantage in building them: We know how to think like attackers, and we understand how to design systems to be truly secure from the ground up.
Our team is among the best in the world at identifying exploits in binaries and developing mitigations against them. We can help you analyze the impact of security vulnerabilities, create proof-of-concept exploits, decide on appropriate mitigation measures, and advise on implementing and configuring them.
With our deep knowledge of kernel security, we advise on kernel compromises, advanced rootkits, integrity checking, and kernel exploitation techniques. Not only can we help you design and implement kernel and system code; we can also perform a comprehensive security review of an existing or planned implementation.
With decades of experience on the cutting edge of virtualization security, we’re well-equipped to advise on hypervisor attacks, secure hypervisor design, and secure hypervisor implementation. In addition, we offer security reviews on all of these aspects of virtualization.
Last but not least, our extensive hardware and firmware security experience makes us among the best choices in the world for BIOS, SMM, and chipset security, including the identification of vulnerabilities, the development of proof-of-concept exploits, and comprehensive code review. This includes decades of experience in advanced security technologies like x86 virtualization (e.g., VT-x, VT-d, and AMD-V), Intel Trusted Execution Technology (TXT), and Trusted Platform Modules (TPMs).
Qubes OS consulting
Qubes OS takes a uniquely effective approach to security. While the cybersecurity threats to companies and individuals have sharply increased in both number and sophistication, conventional operating systems are generally still monolithic in nature, leaving them vulnerable to total system compromise in the event of a zero-day exploit.
By contrast, Qubes has pioneered an approach called Security by Compartmentalization, which allows users to compartmentalize different digital activities into securely isolated compartments called “qubes” so that if one qube is compromised, the others remain unaffected. Moreover, Qubes seamlessly integrates all of these secure containers into a unified desktop environment, providing a decisive advantage in user experience and productivity over traditional methods of isolation.
Gramine is a library OS designed to run Linux applications in restricted environments like Intel SGX enclaves. This approach minimizes the porting effort required when migrating to confidential computing while maintaining a minimal attack surface. Invisible Things Lab is the driving force behind the core development of Gramine and employs the leading experts on this cutting-edge technology.
Chief Executive Officer
Michał is an experienced technology project manager. He has been a partner in several technology commercialization projects, where he has facilitated interactions between scientific and technical teams, and he has experience as a business development manager for hardware security devices, including smart cards, tokens, and hardware security modules (HSMs). He was the coordinator of the European Union project for the Cities of Scientific Culture in Warsaw, Poland and a working group member in the longest-running European framework supporting transnational cooperation among researchers, engineers, and scholars across the continent. He has supported public environmental protection and climate change initiatives and consulted on the building and processing of large spatial databases. Michał is a doctoral candidate in physics in the College of Interfaculty Studies in Math and Natural Sciences at the University of Warsaw.
mich@. PGP Key Fingerprint:
6B52 7FE5 6308 5B7A 34B9 6C2F 8F90 3F3E 5662 199B
Chief Technology Officer
Marek is an experienced system architect and Linux administrator. He specializes in security, virtualization and high availability. He has designed many security-oriented systems based on various different technologies — from simple passwords and keys through OTP to advanced multi-factor solutions based on tokens, cryptographic cards and biometrics. He also has accomplishments in the field of attacks on contactless cryptographic cards. His work as an active open-source contributor can be found in projects like Linux kernel, Linux-HA, Xen, and, of course, Qubes OS. Marek holds a master’s degree in computer science from the University of Warsaw.
marmarek@. PGP Key Fingerprint:
86BA 6E93 318F BA44 6642 A90A DB8F D31C CAD7 D72C
Andrew David Wong
Chief Communications Officer
Andrew is the Community Manager of the Qubes OS Project. In this role, he advocates for the interests of Qubes users and functions as a developer liaison, facilitating fruitful interaction between ITL and the Qubes community. He focuses on communicating his experience with and technical knowledge of Qubes in a way that is clear and understandable to prospective clients and users. He wrote much of the documentation and website for Qubes and manages the issue tracker and community-developed features. Andrew holds a doctorate in philosophy from the University of California, San Diego.
adw@. PGP Key Fingerprint:
BBAF 910D 1BC9 DDF4 1043 629F BC21 1FCE E9C5 4C53
Research Team Leader
Michał is an expert in reverse engineering, cryptography, and low-level hacking whose hobby is analyzing nearly everything he encounters just to understand how it works. He is a vice-captain and active player on the Dragon Sector CTF team. He is also one of the maintainers of Gramine, a Linux library OS with SGX support. From time to time, he teaches security courses at the University of Warsaw.
mkow@. PGP Key Fingerprint:
89FD 3FB2 593D 6ADB 6D5D 0B1F B808 F9FE F736 BD20
Founder & Former Chief Executive Officer
Joanna Rutkowska is a founder of Invisible Things Lab and the Qubes OS project, which she has been leading since its inception in 2010. Prior to that she has been focusing on system-level offensive security research. Together with her team at ITL, she has presented numerous attacks on virtualization systems and Intel security technologies, including the famous series of exploits against the Intel Trusted Execution Technology (TXT), the still-only-one software attack demonstrating Intel VT-d escape, and also supervised her team with the pioneering research on breaking into the Intel vPro BIOS and AMT/MT technology. She is also known for writing Blue Pill, the first hardware virtualization-based rootkit, introducing Evil Maid attack, and for her prior work on kernel-mode malware for Windows and Linux in the early 2000s.
joanna@. PGP Key Fingerprint:
ED72 7C30 6E76 6BC8 5E62 1AA6 5FA6 C3E4 D9AF BB99
Invisible Things Lab can be contacted via email at:
All ITL members can be contacted individually using:
If you have a speaking request for Joanna Rutkowska, please read this page first. Please note that ITL, like many other companies, uses a commercial Mail Service Provider (MSP) for its email hosting. This means that all email messages traverse through a third party mail server unencrypted (even if SSL/TLS is used to transfer messages between servers). The MSP thus has, by definition, unrestricted access to any unencrypted email sent to and from ITL. This means that all unencrypted email messages should be treated as if they are being read by third parties. Please use encryption when sending sensitive information to ITL (see our PGP key below). ITL cannot be held responsible for any potential leaks of information sent via unencrypted email.
Our general PGP key for email encryption can be found here. Individual PGP keys can be found under each member profile above. In order to exclude the possibility of Man-in-the-Middle attacks, you are encouraged to verify the fingerprints of all keys before use. This can be done either by phone or by looking on the backs of our business cards. This website should not be trusted for key verification.