https://www.wired.com/story/tom-bossert-trinity-active-threat-interference/
By Andy Greenberg
Security
Wired.com
07.29.19
Not long before Tom Bossert was pushed out of his role last year as the White
House's top cybersecurity official, a public remark he made at the World
Economic Forum in Davos, Switzerland, raised eyebrows. Bossert wanted, he said,
to introduce policies that would let the US government "get our hands around
the necks" of the enemy hackers who cost the US billions of dollars every year.
Reporters, and some fellow officials, took the comment a little too literally;
after the talk, Bossert found himself explaining that he didn't mean actual,
physical violence.
Today, however, Bossert is in business for himself, pitching an approach that's
almost as aggressive, if somewhat more subtle: getting his hands around the
network communications of enemy hackers, and using that choke point to inflict
confusion, cost, and (figurative) pain.
After a year largely out of public view, Bossert today revealed his role as
cofounder of a startup called Trinity, along with CEO Steve Ryan, a former
deputy director of the NSA's Threat Operations Center, and Marie "Neill"
Sciarrone, a former BAE Systems exec who served as a cybersecurity adviser to
George W. Bush. Backed by $23 million in investment led by Intel Capital,
Trinity offers what Bossert describes as a "third way" between traditional
cyberdefense and private sectors "hacking back" to play offense.
Instead, Trinity will offer its customers a service that Bossert describes as
"active threat interference." It will, essentially, place itself between a
company's network and the hackers targeting it, monitoring all incoming and
outgoing traffic for signs of foul play. When it finds malicious activity,
Trinity promises not merely to alert the customer to the attempted intrusion or
block it, but instead to alter it, messing with the hackers' tools -- and their
minds.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
