Increasing the Efficiency of your Security Operations


I first met Andrew Morris a few years ago when he was volunteering at a MAVA event. He pitched me his idea for GreyNoise and I really liked it. Being able to track different types of Internet scanning activity so you can remove this noise from your event stream is a great way to increase the effectiveness of your teams and tools. I liked his vision of supporting the community and having free and commercial APIs. Fast forward to now: Andrew was able to complete his initial funding, and I am thrilled that Gula Tech Adventures (as an investor of Innerloop Capital) is working with him.

Cyber and CyberSecurity is a Team Sport


Cyber has an identity crisis. Most people think it is someone else’s problem. The reality is that cyber is everyone’s issue. It is personal. The challenge is how to engage people so they understand they have a role to play.

Interview with Arun Buduri, Pixm President and Co-Founder

We have been working with Pixm since early 2017 and felt their computer vision approach to detecting and stopping phishing attacks was unique and effective. Pixm recently launched their free-for-personal-use and business solutions. I conducted an interview with Pixm president and co-founder Arun Buduri, and we covered the current state of phishing, how computer vision helps combat phishing, and the new personal use and business offerings.

Have Meltdown or Spectre made you change ANY of your cyber security strategies?


Both of these vulnerabilities have been upon us for just under a week now, and yet I’ve only really heard cyber hygiene (patch your systems and monitor for trouble) discussed as a viable approach to this problem. Cyber hygiene is indeed very important, but there are many strategic and tactical issues that should be on the table for discussion in response to these vulnerabilities, and to vulnerabilities like them that we will face in the future. In this blog, I will look at this from a cyber practitioner’s point of view and recommend some strategies you’ve looked at in the past but perhaps your organization hasn’t adopted yet.


ABS, SDS & TIG — Three New Cyber Emerging Market Categories You Should Know



The cyber industry continues to innovate and offer new ways to help organizations stay secure and compliant. Over the past few months I’ve observed analyst, media and pundit coverage of three new cyber product categories: software defined segmentation, threat intelligence gateways and automated breach simulation. All three offer many new ways to increase the effectiveness and efficiency of your security programs. I will discuss each briefly and reference relevant Gula Tech Adventures portfolio companies in these new categories.

How do you monitor “East — West” Network Traffic?

If your organization does not have a strategy for monitoring network communications between each of the network nodes, you are potentially missing a wide variety of malicious lateral movement and not collecting forensics which could be analyzed after an attack. In this post I will examine what east-west traffic monitoring means and how various organizations are dealing with this problem.

Interview with Huntress Labs CEO, Kyle Hanslovan — Detecting advanced threats in small companies



Kyle Hanslovan — CEO Huntress Labs

Gula Tech Adventures recently participated in Huntress Labs’ seed round. This portfolio company brings the power of modern threat detection to managed service providers. I was able to catch up with their founder and CEO, Kyle Hanslovan, before he headed out to BlackHat 2017 and asked him a few questions.


Memorizing Anything Including Hostile URLs and Malware Hashes with Polarity

Early this year, Gula Tech Adventures and Strategic Cyber Ventures invested in a memory augmentation company named Polarity. Both of our funds focus on next generation cyber security companies and as such, I often get asked, “Why Polarity?” I answer, “It makes every security team more efficient regardless of what tools, technology or data they use.”

What is your reason for not patching MS17-010 — the main vulnerability behind WannaCry?

On April 14, 2017, Shadow Brokers released information about an exploit tool written by the NSA called Eternal Blue. This tool exploited a zero day in Microsoft Windows covered by their MS17-010 update. The patch preceded the disclosure, as Microsoft issued MS17-010 on March 14, 2017. The WannaCry worm first got heavily noticed on Friday, May 12, 2017.

Patching Systems with AutoMox

I’ve heard almost every excuse there is for not patching a system. While at Tenable Network Security, I got to focus on helping organizations identify their biggest cyber risks which usually meant patching vulnerabilities.

CERT’s Blacklist Ecosystem Analysis: 2016 Update

If you are not aware of CERT’s work in tracking the “IOC”, “threat sharing” and “threat feed” space, I highly suggest you take a look at their most recent update to the Blacklist Ecosystem Analysis paper.

RSA 2017 Vendor Vocabulary — “Agent-less” Solutions and “Machine Learning”


As we prepare to descend on San Francisco for the 2017 RSA conference, I wanted to take a moment and write a bit about two terms cyber security vendors are using and the types of questions you should ask as a potential buyer, investor, partner or acquirer of these solutions. These terms are “Agent-less” and “Machine Learning”.