SciSec Team Applies Creativity, Curiosity and Innovation to Help Security Teams Work Smarter and Protect Organizations from Threats

Today Devo announced Devo SciSec, which brings together a talented team of threat research, advanced data science, and machine learning experts under the leadership of CTO Gunter Ollmann to help our customers preemptively detect and mitigate entire classes of threats.

See and hear what Gunter has to say about SciSec in this video.

Even before their formal introduction, the SciSec team has been busy delivering value-added capabilities to Devo customers, including:

• MITRE ATT&CK Adviser: A new application that enables Devo customers to operationalize the MITRE ATT&CK matrix to identify coverage gaps in detection and data sources. Register here for our June 30th webinar.
• Continuous content delivery: Customers now have access to an ever-expanding set of hundreds of use-case, technology-specific, and emerging threat detections.
• Adversary Simulation: SciSec created the open-source AdSim, which crafts attack scenarios to run simulations and test cybersecurity defenses. AdSim validates and ensures the efficacy of new detection content.

Because SciSec is driven by the skills and experience of its experienced team, we asked a few members what motivates them in their work and how they apply actionable intelligence and innovation to improve SOC efficacy and help security teams work smarter.

Mike Lyons, Senior Product Manager, Devo Security Operations (SecOps):
“The SciSec team focuses on invention, doing something that’s head and shoulders above what anyone else can do in the industry. Our work is aimed at delivering the autonomous SOC, which will relieve analysts from all of the manual oversight and the standard operating procedures they follow today. We’re hoping to prove it doesn’t have to be that way. We’re taking the Devo Platform, which already has a strong data layer, and augmenting it with streaming analytics, data science, and behavioral anomaly detection. Being able to track those entities for our customers and produce — at scale — the industry’s first behavioral analytics platform, where we make it easy and simple to add those use cases represents a huge opportunity to shift the focus in the SOC from manual processes to autonomous ones. We call ourselves SciSec because we’re fusing security research and data science.”

Chris Phillips, Senior Security Researcher:
“I come from a penetration testing background where I was paid to hack into stuff. That was cool work, but the opportunity to work in IT security has led me to Devo. And as far as the work we’re doing for the Devo SciSec team, the more content we develop, the better our product is, and the better our customers are protected. It’s rewarding to help them protect their information. At the end of the day, I think we’re making the world a better place through technology.”

David Wolf, Senior Security Researcher:
“With SciSec, Devo has assembled an incredible team of machine learning scientists who create models that result in product innovation and an equally incredible team of security content engineers that produce incremental ones. I’m most excited by disruptive innovation where you make a large, even quantum leaps forward. When a disruptive innovation succeeds it means we have developed a prototype we can push across the finish line into a product because we have the resources to properly fund and engineer it. There’s also radical innovation that is fixed on transforming, even transcending, disruptive innovations in things such as business processes developed by and for companies that want to do something different to meet the needs of their customers. It’s about dissecting and solving problems and using our creativity, curiosity and inventiveness to overcome them. And when we do, it’s a reason to celebrate.”

James Zheng, Technical Product Manager:
“One reason I was drawn to Devo in general and the Sci Sec team, in particular, is because of the autonomous SOC and its innovative use cases. The one thing that stood out to me is the speed at which I’ve been able to get up to speed and contribute to our projects. That includes things like collective defense, which is Devo’s version of collecting and operationalizing customer data. There are also use cases that are unique to us, amplified for exploration and refinement by the fast and powerful Devo Platform. My experience on the SciSec team has been enjoyable and fulfilling. The opportunity our team has to make a difference for customers is what gets me out of bed every morning.”