SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, March 17, 2011

Bejtlich Joining MANDIANT as CSO and Security Services Architect

Posted on 6:40 AM by Unknown
In June 2007 I posted that I was joining General Electric as Director of Incident Response. Since then I helped build and lead GE-CIRT from an "army of one" into a team of 40 analysts. It was an honor and a privilege to work with my team, but today I am announcing that I've accepted a new challenge.

Effective 1 April I will be Chief Security Officer and Security Services Architect for MANDIANT, where I will build teams, tools, and capabilities to provide managed detection and response services. You can read the press release at the MANDIANT Web site or Businesswire if you're so inclined, as well as a MANDIANT blog post.

I am really looking forward to this new opportunity. I worked for Kevin Mandia in 2002-2004 with Foundstone and for Travis Reese in 2004-2005 at ManTech International Corp.'s CFIA division. When I left ManTech to concentrate 100% on TaoSecurity, the first consulting I did was for Red Cliff, the precursor to MANDIANT. I also know many current members of the MANDIANT team from those three roles and subsequent relationships.

I believe in MANDIANT's mission and vision, which is important to me. While I enjoyed defending one enterprise with my old team, at MANDIANT I will be able to assist multiple organizations. As a member of the MANDIANT executive team I will also help set the direction for the company and will be able to work with the product, consulting, training, and managed services groups.

While many of you are familiar with MANDIANT's famous incident response consulting force, you may not be aware that the company continues to build a managed services team to provide dedicated, long-term detection and response options. By the end of the second quarter I expect my colleagues and I in the security services group to be announcing new job opportunities for those who enjoy hunting digital intruders. MANDIANT is already hiring aggressively for security talent, so keep your eyes on the job site for more information.

As you might expect, I plan to continue writing TaoSecurity Blog and sending TaoSecurity Tweets. I will still provide training such as TCP/IP Weapons School, but I expect to keep the same low number of classes as was the case with my previous employer. Currently I will be teaching at GTEC in DC on 31 May - 1 June, and then at Black Hat USA 30-31 July and again on 1-2 August. Two classes for USENIX this summer are still in coordination.

I enjoyed interacting with all of you over the last four years wearing my old hat, and I look forward to staying in touch via social media and at conferences in my new role! Thank you.

Tweet
Email ThisBlogThis!Share to XShare to Facebook
Posted in mandiant | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Review of Intelligence, 4th Ed Posted
    Amazon.com just posted my five star review of Intelligence: From Secrets to Policy, 4th Ed by Mark Lowenthall . From the review : I was a...
  • SQL Injection Challenge and Time-Based Security
    Thanks to this Tweet by @ryancbarnett, I learned of the lessons learned of the Level II component of the ModSecurity SQL Injection Challen...
  • Practice of Network Security Monitoring Table of Contents
    Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monito...
  • C-SPAN Posts Video of Tuesday Hearing
    You can now access video of Tuesday's House Select Committee on Intelligence Hearing on Cybersecurity at C-SPAN . Some people are alread...
  • Bejtlich's Thoughts on "Why Our Best Officers Are Leaving"
    Twenty-two years ago today I flew to Colorado Springs, CO and reported for Basic Cadet Training with the class of 1994 at the United States ...
  • A Book for the Korean Cyber Armies
    I've got a book for the Korean cyber armies, North and South. That's right, it's my first book , The Tao of Network Security Mo...
  • Bejtlich Teaching at Black Hat West Coast Trainings
    I'm pleased to announce that I will be teaching at  Black Hat West Coast Trainings  9-10 December 2013 in Seattle, Washington. This is a...
  • Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
    Two weeks ago today our team at Mandiant was feverishly preparing the release of our APT1 report . In the twelve days that followed public...
  • Tort Law on Negligence
    If any lawyers want to contribute to this, please do. In my post Shodan: Another Step Towards Intrusion as a Service , some comments claim ...
  • Review of America the Vulnerable Posted
    Amazon.com just posted my five star review of America the Vulnerable by Joel Brenner. I reproduce the review in its entirety below. I'...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ▼  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ▼  March (17)
      • All Reading Is Not Equal or Fast
      • Review of Hacking Exposed: Web Applications, 3rd Ed
      • Review of iOS Forensic Analysis Posted
      • Review of Computer Incident Response and Product S...
      • Review of pfSense: The Definitive Guide Posted
      • Mini-Review of The Book of Pf Posted
      • Review of Kingpin Posted
      • Report on Declarations of War
      • Requesting Comments on Open Information Security F...
      • Initial Thoughts on RSA "APT" Announcement
      • Bejtlich Joining MANDIANT as CSO and Security Serv...
      • Report on Instances of US Forces Abroad
      • Bejtlich Teaching Special Session of TCP/IP Weapon...
      • Experts Talk US-China Security Issues, Part 2
      • Experts Talk US-China Security Issues, Part 1
      • Review of Cyber Attacks Posted
      • Bejtlich Teaching Two Sessions at Black Hat USA 2011
    • ►  February (2)
    • ►  January (9)
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile