TigerGraph raises $105M Series C for its enterprise graph database

TigerGraph, a well-funded enterprise startup that provides a graph database and analytics platform, today announced that it has raised a $105 million Series C funding round. The round was led by Tiger Global and brings the company’s total funding to over $170 million.

“TigerGraph is leading the paradigm shift in connecting and analyzing data via scalable and native graph technology with pre-connected entities versus the traditional way of joining large tables with rows and columns,” said TigerGraph founder and CEO, Yu Xu. “This funding will allow us to expand our offering and bring it to many more markets, enabling more customers to realize the benefits of graph analytics and AI.”

Current TigerGraph customers include the likes of Amgen, Citrix, Intuit, Jaguar Land Rover and UnitedHealth Group. Using a SQL-like query language (GSQL), these customers can use the company’s services to store and quickly query their graph databases. At the core of its offerings is the TigerGraphDB database and analytics platform, but the company also offers a hosted service, TigerGraph Cloud, with pay-as-you-go pricing, hosted either on AWS or Azure. With GraphStudio, the company also offers a graphical UI for creating data models and visually analyzing them.

The promise for the company’s database services is that they can scale to tens of terabytes of data with billions of edges. Its customers use the technology for a wide variety of use cases, including fraud detection, customer 360, IoT, AI and machine learning.

Like so many other companies in this space, TigerGraph is facing some tailwind thanks to the fact that many enterprises have accelerated their digital transformation projects during the pandemic.

“Over the last 12 months with the COVID-19 pandemic, companies have embraced digital transformation at a faster pace driving an urgent need to find new insights about their customers, products, services, and suppliers,” the company explains in today’s announcement. “Graph technology connects these domains from the relational databases, offering the opportunity to shrink development cycles for data preparation, improve data quality, identify new insights such as similarity patterns to deliver the next best action recommendation.”

Spectral raises $6.2M for its DevSecOps service

Tel Aviv-based Spectral is bringing its new DevSecOps code scanner out of stealth today and announcing a $6.2 million funding round. The startup’s programming language-agnostic service aims to automate code security for development teams, helping them detect potential security issues in their codebases and logs, for example. Those issues could be hardcoded API keys and other credentials, but also security misconfigurations and shadow IT assets.

The four-person founding team has a deep background in building AI, monitoring and security tools. CEO Dotan Nahum was a Chief Architect at Klarna and Conduit (now Como, though you may remember Conduit from its infamous toolbar that was later spun off), and the CTO at Como and HiredScore, for example. Other founders worked on building monitoring tools at Elastic and HP and on security at Akamai. As Nahum told me, the idea for Spectral came to him and co-founder and COO Idan Didi during their shared time at mobile application builder Conduit/Como.


“We basically stored certificates for every client that we had, so we could submit their apps to the various marketplaces,” Nahum told me of his experience at Conduit/Como. “That certificate really proves that you are who you are and it’s super sensitive. And at each point at these companies, I really didn’t have the right tools to actually make sure that we’re storing, handling, detecting [this information] and making sure that it doesn’t leak anywhere.”

Nahum decided to quit his current job and started to build a prototype to see if he could build a tool that could solve this problem (and his work on this prototype quickly discovered an issue at Slack). And as enterprises move from on-premises software to the cloud and to microservices and DevOps, the need for better DevSecOps tools is only increasing.

“The emphasis is to create a great developer experience,” Nahum noted. “Because that’s where we started from. We didn’t start as a top down cyber tool. We started as a modest DevOps friendly, developer-friendly tool.”


One interesting aspect of Spectral’s approach, which uses a machine learning model to detect these breaches across programming languages, is that it also scans public-facing systems. On the backend, Spectral integrates with tools like Travis, Jenkins, CircleCI, Webpack, Gatsby and Netlify, but it can also monitor Slack, npm, maven and log providers — tools that most companies don’t really think about when they think about threat modeling.

“Our solution prevents security breaches on a daily basis,” said Spectral co-founder and COO Idan Didi. “The pain points we’re addressing resonate strongly across every company developing software, because as they evolve from own-code to glue-code to no-code approaches they allow their developers to gain more speed, but they also add on significant amounts of risk. Spectral lets developers be more productive while keeping the company secure.”

The company was founded in mid-2020, but it already has about 15 employees and counts a number of large publicly-listed companies among its customers.

Grafana Labs launches observability stack for enterprise customers

Grafana Labs has created an open-source observability trifecta that includes Prometheus for monitoring, Loki for logging and Tempo for tracing. Today, the company announced it was releasing enterprise versions of these open-source projects in a unified stack designed specifically for the needs of large companies.

Company CEO Raj Dutt says that this product is really aimed at the largest companies in the world, who crave control over their software. “We’re really going after at-scale users who want a cutting-edge observability platform based on these leading open-source projects. And we are adding a lot of feature differentiation in the enterprise version along with 24/7 support from the experts, from the people who have actually created software,” he said.

Among those features is a set of plug-ins that lets these large customers pull data into the platform from leading enterprise software companies, including Splunk, New Relic, MongoDB and Snowflake. The Enterprise Stack also provides enhanced authentication and security.

Dutt calls this product self-managed to contrast it with the managed cloud versions of the product the company already has been offering for some time. “We have two main products, Grafana Cloud and now Grafana Enterprise Stack. Grafana Cloud is our hosted deployment model, and the Grafana Enterprise Stack is essentially licensed software that customers are free to run however they want, whether that’s on prem, in a colocation company like Equinix or on the cloud vendor of their choice,” Dutt explained.

They can also mix and match their deployments across the cloud or on-prem in a hybrid style, and the large enterprise customers that the company is going after with this product should like that flexibility. “It also allows them to hybridize their deployments, so they may decide to use the cloud for metrics, but their logs contain a lot of sensitive information [and they want to deploy that on prem]. And since it’s a composable stack, they may have a hybrid deployment that’s partly in the cloud and partly on prem,” he said.

When you combine this new enterprise version with the managed cloud version that already exists, it gives Grafana another potentially large revenue source. The open-source products act as a driver, giving Grafana a way into these companies, and Dutt says they know of more than 700,000 instances of the open-source products in use across the world.

While the open-source business model usually only turns a fraction of these users into paying customers, having numbers like this gives the company a huge head start and it’s gotten the attention of investors. The company has already raised over $75 million, including a $24 million Series A in 2019 and a $50 million Series B in 2020.

With software markets getting bigger, will more VCs bet on competing startups?

This morning I covered three funding rounds. One dealt with the no-code/low-code space, another focused on the OKR software market and the last dealt with a company in the consumer investing space. Worth a combined $420 million, the investments made for a contentedly busy morning.

But they also got me thinking about startup niches and competition. Back in the days when inside rounds were bad, SPACs were jokes and crypto a fever dream, there was lots of noise about investors who declined to place competing bets in any particular startup market.




This rule of thumb still holds up today, but we need to update it. The general sentiment that investors shouldn’t back competing companies is still on display, as we saw Sequoia walk away from a check it put into Finix after it became clear that the smaller company was too competitive with Stripe, another portfolio company.

But as startups get more broad and stay private longer, the space into which VCs can invest may narrow — especially if they have a big winner that stays private while building both horizontally and vertically (like Stripe, for example).

Does that mean Sequoia can’t invest elsewhere in fintech? No, but it does limit their investing playing field.

Which is dumb as hell. Nothing that Sequoia could invest in today is really going to slow Stripe’s IPO, unless the company decides to not go public for a half-decade. Which would be lunacy, even for today’s live-at-home-with-the-parents startup culture that leans toward staying private over going public.

Microsoft’s Dapr open-source project to help developers build cloud-native apps hits 1.0

Dapr, the Microsoft-incubated open-source project that aims to make it easier for developers to build event-driven, distributed cloud-native applications, hit its 1.0 milestone today, signifying the project’s readiness for production use cases. Microsoft launched the Distributed Application Runtime (that’s what “Dapr” stands for) back in October 2019. Since then, the project released 14 updates and the community launched integrations with virtually all major cloud providers, including Azure, AWS, Alibaba and Google Cloud.

The goal for Dapr, Microsoft Azure CTO Mark Russinovich told me, was to democratize cloud-native development for enterprise developers.

“When we go look at what enterprise developers are being asked to do — they’ve traditionally been doing client, server, web plus database-type applications,” he noted. “But now, we’re asking them to containerize and to create microservices that scale out and have no-downtime updates — and they’ve got to integrate with all these cloud services. And many enterprises are, on top of that, asking them to make apps that are portable across on-premises environments as well as cloud environments or even be able to move between clouds. So just tons of complexity has been thrown at them that’s not specific to or not relevant to the business problems they’re trying to solve.”

And a lot of the development involves re-inventing the wheel to make their applications reliably talk to various other services. The idea behind Dapr is to give developers a single runtime that, out of the box, provides the tools that developers need to build event-driven microservices. Among other things, Dapr provides various building blocks for things like service-to-service communications, state management, pub/sub and secrets management.


“The goal with Dapr was: let’s take care of all of the mundane work of writing one of these cloud-native distributed, highly available, scalable, secure cloud services, away from the developers so they can focus on their code. And actually, we took lessons from serverless, from Functions-as-a-Service where with, for example Azure Functions, it’s event-driven, they focus on their business logic and then things like the bindings that come with Azure Functions take care of connecting with other services,” Russinovich said.

He also noted that another goal here was to do away with language-specific models and to create a programming model that can be leveraged from any language. Enterprises, after all, tend to use multiple languages in their existing code, and a lot of them are now looking at how to best modernize their existing applications — without throwing out all of their current code.

As Russinovich noted, the project now has more than 700 contributors outside of Microsoft (though the core committers are largely from Microsoft) and a number of businesses started using it in production before the 1.0 release. One of the larger cloud providers that is already using it is Alibaba. “Alibaba Cloud has really fallen in love with Dapr and is leveraging it heavily,” he said. Other organizations that have contributed to Dapr include HashiCorp and early users like ZEISS, Ignition Group and New Relic.

And while it may seem a bit odd for a cloud provider to be happy that its competitors are using its innovations already, Russinovich noted that this was exactly the plan and that the team hopes to bring Dapr into a foundation soon.

“We’ve been on a path to open governance for several months and the goal is to get this into a foundation. […] The goal is opening this up. It’s not a Microsoft thing. It’s an industry thing,” he said — but he wasn’t quite ready to say to which foundation the team is talking.

 

U.S. Indicts North Korean Hackers in Theft of $200 Million

The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted theft of more than $1.2 billion from banks and other victims worldwide.

Investigators with the DOJ, U.S. Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Prosecutors say the hackers were part of an effort to circumvent ongoing international financial sanctions against the North Korean regime. The group is thought to be responsible for the attempted theft of approximately $1.2 billion, although it’s unclear how much of that was actually stolen.

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and New York.

“The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering,” said Acting U.S. Attorney Tracy L. Wilkison for the Central District of California. “The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to extract revenge and obtain money to prop up its regime.”

The indictments name Jon Chang Hyok (a.k.a. “Alex/Quan Jiang”), Kim Il (a.k.a. “Julien Kim”/“Tony Walker”), and Park Jin Hyok (a.k.a. Pak Jin Hek/Pak Kwang Jin). U.S. prosecutors say the men were members of the Reconnaissance General Bureau (RGB), an intelligence division of the Democratic People’s Republic of Korea (DPRK) that manages the state’s clandestine operations.

The Justice Department says those indicted were members of a DPRK-sponsored cybercrime group variously identified by the security community as the Lazarus Group and Advanced Persistent Threat 38 (APT 38). The government alleges the men reside in North Korea but were frequently stationed by the DPRK in other countries, including China and Russia.

Park was previously charged in 2018 in connection with the WannaCry and Sony Pictures attacks. But today’s indictments expanded the range of crimes attributed to Park and his alleged co-conspirators, including cryptocurrency thefts, phony cryptocurrency investment schemes and apps, and efforts to launder the proceeds of their crimes.

Prosecutors in California also today unsealed an indictment against Ghaleb Alaumary, a 37-year-old from Mississauga, Ontario who pleaded guilty in November 2020 to charges of laundering tens of millions of dollars stolen by the DPRK hackers.

The accused allegedly developed and marketed a series of cryptocurrency applications that were advertised as tools to help people manage their crypto holdings. In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed.

A joint cyber advisory from the FBI, the Treasury and DHS’s Cybersecurity and Infrastructure Agency (CISA) delves deeper into these backdoored cryptocurrency apps, a family of malware activity referred to as “AppleJeus.” “Hidden Cobra” is the collective handle assigned to the hackers behind the AppleJeus malware.

“In most instances, the malicious application—seen on both Windows and Mac operating systems—appears to be from a legitimate cryptocurrency trading company, thus fooling individuals into downloading it as a third-party application from a website that seems legitimate,” the advisory reads. “In addition to infecting victims through legitimate-looking websites, HIDDEN COBRA actors also use phishing, social networking, and social engineering techniques to lure users into downloading the malware.”

The alert notes that these apps have been posing as cryptocurrency trading platforms since 2018, and have been tied to cryptocurrency thefts in more than 30 countries.


For example, the DOJ indictments say these apps were involved in stealing $11.8 million in August 2020 from a financial services company based in New York. Warrants obtained by the government allowed the FBI to seize roughly $1.9 million from two different cryptocurrency exchanges used by the hackers, money that investigators say will be returned to the New York financial services firm.

Other moneymaking and laundering schemes attributed to the North Korean hackers include the development and marketing of an initial coin offering (ICO) in 2017 called Marine Chain Token.

That blockchain-based cryptocurrency offering promised early investors the ability to purchase “fractional ownership in marine shipping vessels,” which the government says was just another way for the North Korean government to “secretly obtain funds from investors, control interests in marine shipping vessels, and evade U.S. sanctions.”

A copy of the indictments is available here (PDF).

Bluetooth Overlay Skimmer That Blocks Chip

As a total sucker for anything skimming-related, I was interested to hear from a reader working security for a retail chain in the United States who recently found Bluetooth-enabled skimming devices placed over top of payment card terminals at several stores. Interestingly, these skimmers interfered with the terminal’s ability to read chip-based cards, forcing customers to swipe the stripe instead.

The payment card skimmer overlay transmitted stolen data via Bluetooth, physically blocked chip-based transactions, and included a PIN pad overlay.

Here’s a closer look at the electronic gear jammed into these overlay skimmers. It includes a hidden PIN pad overlay that captures, stores and transmits via Bluetooth data from cards swiped through the machine, as well as PINs entered on the device:

The hidden magnetic stripe reader is in the bottom left, just below the Bluetooth circuit board. A PIN pad overlay (center) intercepts any PINs entered by customers; the cell phone battery (right) powers all of the components.

My reader source shared these images on condition that the retailer in question not be named. But it’s worth pointing out these devices can be installed on virtually any customer-facing payment terminal in the blink of an eye.

Newer, chip-based payment cards are more costly and difficult for thieves to clone, but virtually all cards still store card data on a magnetic stripe on the back of the cards — mainly for reasons of backwards compatibility. This overlay skimmer included a physical component designed to block the payment terminal from reading the chip, forcing the customer to swipe the stripe instead of dip the chip.

The magnetic stripe reader (top right) worked with a component designed to block the use of chip-based payment cards.

What’s remarkable is that these bad boys went undetected for several weeks, particularly given that customers would have been forced to swipe.

“In this COVID19 world, with counter and terminal wipedowns frequent it was surprising that nobody noticed the overlay placements for a number of weeks,” the source said.

I realize a great many people use debit cards for everyday purchases, but I’ve never been interested in assuming the added risk and pay for everything with cash or a credit card. Armed with your PIN and debit card data, thieves can clone the card and pull money out of your account at an ATM. Having your checking account emptied of cash while your bank sorts out the situation can be a huge hassle and create secondary problems (bounced checks, for instance).

Want to learn more about overlay skimmers? Check out these other posts:

How to Spot Ingenico Self-Checkout Skimmers

Self-Checkout Skimmers Go Bluetooth

More on Bluetooth Ingenico Overlay Skimmers

Safeway Self-Checkout Skimmers Up Close

Skimmers Found at Wal-Mart: A Closer Look

The Series A deal that launched a near unicorn: Meet Accel’s Steve Loughlin and Ironclad’s Jason Boehmig

The only people who truly understand a relationship are the ones who are in it. Luckily for us, we’re going to have a candid conversation with both parties in the relationship between Ironclad CEO and cofounder Jason Boehmig and his investor and board member Accel partner Steve Loughlin.

Loughlin led Ironclad’s Series A deal back in 2017, making it one of his first Series A deals after returning to Accel.

This episode of Extra Crunch Live goes down on Wednesday at 3pm ET/12pm PT, just like usual.

We’ll talk to the duo about how they met, what made them ‘choose’ each other, and how they’ve operated as a duo since. How they built trust, maintain honesty, and talk strategy are also on the table as part of the discussion.

Loughlin was an entrepreneur before he was an investor, founding RelateIQ (an Accel-backed company) in 2011. The company was acquired by Salesforce in 2014 for $390 million and later became Salesforce IQ. Loughlin then “came back home” to Accel in 2016, and has led investments in companies like Airkit, Ascend.io, Clockwise, Ironclad, Monte Carlo, Nines, Productiv, Split.io, and Vivun.

Not entirely unsurprising for a man who has dominated the legal tech sphere, Jason Boehmig is a California barred attorney who practiced law at Fenwick & West and was also an adjunct professor of law at Notre Dame Law School. Ironclad launched in 2014 and today the company has raised more than $180 million and, according to reports, is valued just under $1 billion.

Not only will we peel back the curtain on how this investor/founder relationship works, but we’ll also hear from these two tech leaders on their thoughts around bigger enterprise trends in the ecosystem.

Then, it’s time for the Pitch Deck Teardown. On each episode of Extra Crunch Live, we take a look at pitch decks submitted by the audience and our experienced guests give their live feedback. If you want to throw your pitch deck in the ring, you can hit this link to submit your deck for a future episode.

As with just about everything we do here at TechCrunch, audience members can also ask their own questions to our guests.

Extra Crunch Live has left room for you to network (you gotta network to get work, amirite?). Networking is open starting at 2:30pm ET/11:30am PT and stays open a half hour after the episode ends. Make a friend!

As a reminder, Extra Crunch Live is a members-only series that aims to give founders and tech operators actionable advice and insights from leaders across the tech industry. If you’re not an Extra Crunch member yet, what are you waiting for?

Loughlin and Boehmig join a stellar cast of speakers on Extra Crunch Live, including Lightspeed’s Gaurav Gupta and Grafana’s Raj Dutt, as well as Felicis’ Aydin Senkut and Guideline’s Kevin Busque. Extra Crunch members can catch every episode of Extra Crunch Live on demand right here.

You can find details for this episode (and upcoming episodes) after the jump below.

See you on Wednesday!

The Good, the Bad and the Ugly in Cybersecurity – Week 7

The Good

Eight members of a SIM-swapping gang that targeted thousands of U.S. individuals during 2020, including hundreds of social media celebs, musicians and sport stars, have been arrested in the U.K. The gang is thought to have stolen over $100 million by using social engineering lures or malicious insiders to hijack American cell phone accounts.

Having successfully persuaded a carrier to swap the victim’s real SIM number for one controlled by the attackers, the criminals were then able to access a victim’s incoming calls, text and voice messages, personal information, contacts and one-time passwords (OTPs) for sensitive software such as banking apps. The gang also stole Bitcoin from victims as well as hijacking social media accounts to commit further fraud.

The U.S. Secret Service, the Department of Homeland Security and the FBI were all involved in assisting Britain’s National Crime Agency in the operation. The eight arrested are males aged 18-26 and will face charges under the Computer Misuse Act. They are also expected to be prosecuted for fraud and money laundering, and U.S. prosecutors will be seeking extradition of the accused to the USA.

The Bad

It’s been a week for patching zero days, with both Windows Defender and Google Chrome hitting the headlines for serious vulnerabilities affecting millions of users, both at the Enterprise and Home user levels.

CVE-2021-21148 is a high-severity flaw in Chrome’s JavaScript engine, V8. Although few details have emerged, Google have said that it “is aware of reports that an exploit…exists in the wild”.

Browser zero-days are among the most highly prized by attackers given that for the majority of people browsers are their gateway to the internet, in constant use, and, if a vulnerability includes or can be chained with a sandbox escape, provide a powerful opportunity to take over the entire device. Some reports have speculated that CVE-2021-21148 may be the same vulnerability that Microsoft suggested was being used by the ZINC actors targeting security researchers. Google, however, have not confirmed that at the time of writing.

Speaking of Microsoft, Patch Tuesday came and went this week with the Redmond outfit patching no less than 56 bugs in its software, nine of which are said to be critical and at least one of which is believed to be actively exploited in the wild. Among the bug fixes was CVE-2021-24092, an elevation of privilege vulnerability in Windows Defender – the AntiVirus protection that comes installed by default on Windows devices – that had remained undiscovered since 2009.

1. Create a hard link to notepad.exe. 2. Simulate the load of BTR. 3. Notepad.exe is overwritten.

Eagle-eyed researcher Kasif Dekel discovered the vulnerability after noticing that a little-known internal driver, the Boot Time Removal Tool (BTR.sys), doesn’t normally reside on the system but is briefly dropped, activated, and then purged during Defender’s remediation process. Exploring the driver’s internal logic led Dekel to the bug, which potentially affects up to 1 billion devices. That’s the second Windows Defender zero-day discovered in a month.

The Ugly

While Microsoft and their users can be thankful for the hard work of security researchers, there’s little that can be done to protect those who refuse to protect themselves (and the rest of us) by ignoring basic security procedures, like: keep your OS up to date, don’t expose sensitive services directly to the internet (aka use a firewall!) and don’t use and share a common password. While many of us have tried to knock these simple cyber sins out of our nearest and dearest, it goes beyond the unthinkable when those responsible for our critical infrastructure are committing such potentially deadly errors.

And so it turned out this week that a malicious hacker attempted to poison the drinking water supply of 15,000 residents in Oldsmar, Florida, by increasing the quantity of lye (sodium hydroxide) from the minuscule 100 ppm to a massively dangerous level of 11,100 ppm. The water treatment plant serving Oldsmar was being controlled by a SCADA system still running the now-unsupported Windows 7 OS on multiple devices. To make matters worse, according to a State advisory for public water suppliers, the breached system was connected directly to the internet, leaving it exposed to anyone who happened to know or learn its IP address. To top it all, all the SCADA devices had a single password that had been shared among multiple users to facilitate remote logging in via TeamViewer.

The incident is being investigated by the County Sheriff’s office, the FBI and the Secret Service. At this time, it is not known whether the cyber attack was conducted by a foreign or domestic intruder, but with over 150,000 public water systems in the U.S., most of which are said to be underfunded, the need for each and every one to get up to speed with basic cybersecurity practices cannot be overstated.



Introducing Hack Chat, An Interview Series Hosted By Marco Figueroa

Hack Chat is a series of live conversations featuring real-life Red Team and Blue Team community leaders who are transforming the industry.

For the past four months, SentinelLabs has been working on a new interview series called Hack Chat, where we profile industry leaders from Red and Blue teams in cybersecurity and dive deep into what it takes to become great at their craft.

Below, Hack Chat host and Principal Threat Researcher at SentinelLabs Marco Figueroa explains the vision behind this innovative new series and gives a taste of what viewers are in store for.

More Than Just Another Podcast

“We know many technology and cybersecurity podcasts already exist in the market, but we wanted to bring something unique to our audience. Rather than having the traditional guest come on for an interview, we wanted to have technical practitioners from the offensive and defensive sides come on and provide insight into their expertise.”

With Some Extraordinary Guests

And the list of guests is a stellar line up of cybersecurity pros who are all leaders in their fields.

“To kick Season One off, I reached out to people that I’ve gotten to know personally over the years at conferences; people that have taught me a lot through conversations and the projects they’ve worked on or created. Over the years, I’ve gotten to know each guest from Season One very well, and I knew that if they had time during their busy schedules to join me for an in-depth conversation about various topics in their field of expertise, it would be a fantastic season.”

Get Ready for Hack Chat Season One!

It all kicks off today with the launch of Hack Chat Season One. We plan to release each Season with six guests: three red teamers and three blue teamers. According to Marco, Hack Chat was created to help cybersecurity professionals explore what it takes to become a cybersecurity expert.

Together with some of the leading practitioners who have inspired the industry in various ways, Marco and guests dive into their research and many other related topics: starting companies, building threat intelligence programs, APT hunting, tool development, mindfulness, and transformative collaborations that have shifted the industry. The Hack Chat series explores the ins and outs of Red and Blue teaming and discusses the theory and practice that have propelled each of the guests to where they are today.

SentinelLabs is deeply invested in bringing knowledge to the cybersecurity community, and we see the Hack Chat series as a medium to help practitioners grow by hearing from leaders who find ways to make remarkable breakthroughs.

Here’s the guest list for Season 1 along with a taste of what you can expect.

HD Moore: The Journey of a Hacker and Entrepreneur

H.D. is a network security expert, open source programmer, and hacker. He is a developer of the Metasploit Framework, a penetration testing software suite, and the founder of the Metasploit Project. He has been referred to as “the industry’s most famous white hat hacker”, as well as an overall good dude.

In this episode of Hack Chat, we discuss what it takes to become good at hacking, and delve into his newest business venture—Rumble.

“You really need to know some programming language, it really doesn’t matter the language: Ruby, Java, JavaScript, Python, Go. Be comfortable writing code, because there are so many things to do today; if you can’t automate it or script it, you really can’t understand it well.” – HD Moore, Hack Chat Season 1, Episode 1

JA Guerrero Saade: JAGS Hunting for APTs

Juan is a Cyber Paleontologist who has published game-changing reports like Moonlight Maze, which has been featured in the Washington, D.C. spy museum. He is formerly of GReAT, Google, Chronicle, and is the co-founder of Stairwell. Anyone who has seen Juan give a talk will agree he is a master of storytelling and always provides great value.

In this episode of Hack Chat, we discuss all things APT, reports that Juan has published in the past, and what it takes to hone your craft so you can find threat actors.

“Your response is about competence, you want to understand what they came for, understand what it is they got, what potential disruptive power that has to your organization.” – JAGS, Hack Chat Season 1, Episode 2

Mubix: Keep Asking Questions as a Red Teamer

Mubix is a Red Teamer who is always looking for challenges and willing to learn anything to overcome them. Mubix continues to push the limits of his skills and is one of the most motivating people on Twitter, discussing everything Red Teaming.

In this episode of Hack Chat, we move into the mindset of learning new tools of the trade and how Mubix continues to elevate his skills.

“I learn by doing myself, I ask everyone questions, any blog posts that I see I test, and if it doesn’t work I ask why the thing doesn’t do what it’s supposed to.” – Mubix, Hack Chat Season 1, Episode 3

Chris Cochran: How to Build Threat Intelligence Platforms

Chris Cochran is a cybersecurity professional, leader, and content creator. Chris has extensive experience building and running strong cybersecurity programs and has a deep history and passion for security operations, engineering, and leadership.

In this episode, we dig deep into Threat Intelligence and what it takes to provide value to your stakeholders.


“Sit down with every stakeholder that can consume intelligence and figure out what it is they need to get their job done.” – Chris Cochran, Hack Chat Season 1, Episode 4

Chris Nickerson: The Red Team Grind & Hustle

Chris Nickerson is an Information Security industry veteran whose main area of expertise is focused on Red Teaming and Adversarial Modeling. In order to help companies better defend and protect their critical data and key information systems, he has created a blended methodology to assess, implement, and manage information security realistically and effectively.

In this episode of Hack Chat, we go into deep conversations about a Red Teamer’s work ethic and dedication to their craft. We also discuss the Sunburst supply chain attack, and Chris gives his insights on how bad this hack was for SolarWinds and the cybersecurity industry.


“I had great mentors; I’ve done everything that I could to contribute to the community, through a hard work ethic, speaking engagements, helped elevate people” – Chris Nickerson, Hack Chat Season 1, Episode 5

Ronald Eddings: SOARing

Ronald Eddings is an expert in scaling assets and applications on premises and in the cloud. Today’s network architecture creates a degree of complexity that often leads to misconfigurations and vulnerabilities. As a leader in security architecture, Ronald helps organizations scale security controls while reducing the complexities that analysts and engineers face.

In this episode of Hack Chat, we go into the importance of DevOps automation and how corporate networks need to begin investing in SOAR.


“Really understanding what is your use case, why are you attempting to secure something, what does that mean to you, will help you build a strategy and select the right tools, the right automation for the right strategy and implementation.” – Ronald Eddings, Hack Chat Season 1, Episode 6

So How Do You Get Hack Chat?

We’re sure you’ll agree that a lineup like that is going to make for a fantastic season of Hack Chat that you just won’t want to miss!

You can tune in to all the interviews and get notified when each new Hack Chat is out right here.

