Their compliance badges are cover for the take.
Compliance certifications contradicted by observed behavior. SOC 2, ISO 27001, GDPR-compliant badges displayed while the vendor's scripts demonstrate behaviors that directly violate those standards. The certifications are reputation laundering.
How This Escalates BTI-C Findings
Escalates any BTI-C finding from a behavior to a fraud. If a vendor has SOC 2 certification but deploys C01 (Defeat Device), the certification itself becomes evidence of willful misconduct.
Related Advisories
No published advisories reference this code yet.
Investigations are ongoing.
Blackout uses security frameworks to protect AGAINST vendors, not FOR them. We do not notify vendors. We do not provide remediation windows. If you're using a vendor flagged by this code, the advisory is your evidence.