Posts

Ophir Harpaz of Guardicore Wins Rising Star Leadership Award from SC Media

Boston, Mass. and Tel Aviv, Israel – September 23, 2019 – Guardicore, a leader in internal data center and cloud security, today announced that Ophir Harpaz, Security Researcher, Guardicore has been named a winner in the third-annual SC Media Reboot Leadership Awards, earning the distinction in the Rising Star category. A total of 50 honorees were revealed as part of a special editorial section published today at SC Magazine.

“Ophir represents the very best of what it means to be a contributing member of the information security community. Her curiosity leads her forward daily to uncover the most dangerous tools and techniques employed by today’s adversaries, and to share her findings through blog posts, workshops and talks. She is passionate about leveraging her position to elevate and educate young women and her fellow researchers and dedicates her time freely to pass on all she has already learned,” said Ofri Ziv, Vice President of Research, Guardicore and Head of Guardicore Labs. “We applaud her for her achievements and look forward to her continued success.”

The Reboot Leadership Awards are an adjunct to SC Media’s annual Reboot coverage that takes place each December when SC Media recognizes the best and brightest cybersecurity luminaries and organizations. The Reboot Leadership Awards are offered similar accolades. The winners are honored with a special section on SC Media’s website and in their December Reboot edition.

The contenders who were nominated faced a thorough judging process conducted by SC Media’s editorial team. This included a review of their professional backgrounds, references and work undertaken to benefit the wider industry, as well as any other research deemed necessary. Winners were chosen based on their outstanding service, qualifications and advancements in the cybersecurity industry.

“There were no shortage of quality nominations this year as we reviewed the various candidates for our coveted Reboot Awards,” said Teri Robinson, executive editor, SC Media. “However, after a thorough evaluation process, it was clear that Ophir truly distinguished herself through her valuable contributions and industry influence.”

Ophir is becoming one of the world’s foremost experts in cybercrime research, preventing millions of dollars of damage for some of the world’s most valuable companies. Most recently, she has led research on the Nansh0u crypto mining and Smominru botnet campaigns, as well as took part in the development of Guardicore’s publicly available Cyber Threat Intelligence threat feed. She is also an active member of Baot, a community for women in software development and research positions in the Israeli high tech industry, and dedicates copious time to education and contribute to the world. She is a true believer in the information security world being a community. As part of that approach, she runs the website begin.re, a popular resource for learning reverse engineering, and regularly shares insights from her daily life in cybersecurity via social media. In fact, Ophir was selected by Sentinel One as one of 21 Twitter profiles worth following and by Cybersecurity Ventures’ Cybercrime Magazine as one of the industry’s recommended list of women to follow on Twitter.

About SC Media

SC Media is cybersecurity. They’ve lived it for over 30 years, sharing industry expert guidance and insight, in-depth features, timely news and independent product reviews in various content forms in partnership with and for top-level information security executives and their technical teams. SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies. They deliver breaking news, comprehensive analysis, cutting-edge features, contributions from thought leaders, and the best, most extensive collection of product reviews in the business. Whether through their comprehensive website, magazine, in-depth ebooks, newsletters, or regularly scheduled digital and live events, such as their SC Awards program and their RiskSec conference, their readers gain all the relevant information they need to safeguard their organizations and, ultimately, contribute to their longevity and success.

About Guardicore

Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. Our solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. For more information, visit www.guardicore.com.

Have You Heard the News? Guardicore Employees Making Waves in Cybersecurity

Here at Guardicore, our employee successes are always a cause for celebration. We love seeing their names up in lights when they gain media attention for their achievements in cybersecurity and beyond.

With that in mind, let’s take a closer look at some of our Guardicore family who have hit the headlines recently, and understand why the Guardicore culture promotes and attracts this kind of success.

Encouraging our Diverse Voices

Ola Sergatchov, our Vice President of Corporate Strategy, was recently recognized as one of The Software Report’s Top 25 Women Leaders in Cybersecurity for 2019. An Executive Leader at Guardicore, Ola encourages women in technology to pursue both technical and leadership positions with creativity, integrity, and determination. Ola has more than 20 years in the industry, and combines technical knowledge with strategic business experience and an innovative flair.

On the topic of awesome Guardicore women who are gaining press attention, check out Danielle Kuznetz Nohi, Guardicore’s Information Security Researcher and Team Leader, featured in this article on female voices that are making a difference in cybersecurity. She talked about how she looks for the right skill set and personality when she is hiring for her team, applicants who show creativity, communication, organization and superb management ability.

Age is Just a Number

An open mind when it comes to hiring practices is an area where many companies fall short, often focusing on the age and experience of candidates rather than their skills and raw talent and potential to contribute. In contrast, at Guardicore we look for the right talent, no matter where it comes from. Rather than restricting ourselves to one ‘type’ of person, we look for interesting people with fresh ideas who can add to our teams. Omri’s story has attracted a lot of interest, as he was just 18 years old when he came to work for us. His high school teacher had sparked his interest by teaching him Scratch, and he began developing his own applications and programming websites.

When Omri applied to Guardicore, Daniel Goldberg, our Information Security Expert and Security Researcher, said that the decision to hire him was an easy one, although he knew that Omri could only join the team for a few months and then would leave for his army service. He saw the win-win nature of the situation, and said yes where others may have said no. Tangling with the bad actors and malicious hackers that only the top percentage of security experts ever grapple with is an unusual experience for any teenager, and one that Omri feels has prepared him for both his army intelligence unit, and an ongoing career in hi-tech.

Innovation and Fresh Thinking

A fresh voice shouting out from the frontlines of cybersecurity research, Ophir Harpaz is a reverse-engineering enthusiast, sharing her skills through her pet project, begin.re where even beginners can get some hands-on advice and knowledge. She was recently featured in 21 Cybersecurity Twitter Accounts You Should Follow for bestowing her insight and practical know-how to the masses. Innovative and exciting, it’s easy to see why she is such a good fit for Guardicore Labs.

Sharing her own story on her experience in cybersecurity, Product Manager, Avishag Daniely was recently featured in ITSP magazine, giving her fresh and unique perspective on how minorities in the workplace can fight their fear of failure.

We encourage our staff to work on their own unique personal goals, and then use these to excel in the workplace, too. Expanding the company’s global footprint and extending the search for talent to new markets is increasingly important. With this in mind, for Avishag, becoming confident in business Spanish, learning to present and hold meetings in this language helped her to close the culture gap, whether she was making new connections, presenting to large audiences, or building informal relationships while she temporarily relocated abroad.

The Best People for the Job

Despite the company experiencing great growth over the past few years, one unique element of Guardicore is that we still manage to keep a truly caring culture, the feeling of being one big family, celebrating one another’s successes.

I believe that this has a lot to do with our hiring practices, and how we create a strong, cohesive culture that runs through everything we do as a company. Tune in to my next blog to hear about the steps we put in place to make this happen.

What’s New in Infection Monkey Release 1.6

We are proud to announce the release of a new version of the Infection Monkey, GuardiCore’s open-source Breach and Attack Simulation (BAS) tool. Release 1.6 introduces several new features and a few bug fixes.

The Next Gen Infection Monkey is Here

We are pleased to announce a new version of our Infection Monkey open source attack simulation tool with several significant enhancements. We first introduced the Infection Monkey in 2016 and have continuously developed and supported it. Part of what we did came from feedback we received from our community so thanks everyone for contributing!

Highlights from Black Hat & DEFCON

I spent the last week at the “Hacker Summer Camp” of Black Hat and DEFCON. Besides meeting people and enjoying the dual craziness of the DEFCON crowd and the Black Hat business hall, we also gave a well received lecture – Escalating Insider Threats using VMWare’s API. Ofri Ziv, Head of GuardiCore labs, presented a backdoor we discovered in VMware’s remote administration API, enabling vSphere users to quickly and easily take over guest machines without providing guest credentials

Escalating Insider Threats Using VMware’s API

VMware vSphere is the most widely used virtualization platform for on-premises data centers. Similarly to other virtualization platforms, it basically relies on host servers running guest machines. These hosts and guest machines can be managed using administration interfaces such as vSphere API and VIX API. The GuardiCore Labs team has discovered a vulnerability in the vSphere infrastructure that can be exploited using VMware’s Virtual Infrastructure eXtension (VIX) API. This vulnerability allows an attacker to remotely execute code on guest machines, bypassing the need for guest authentication.

Guardicore Labs to Disclose Vulnerability in VMware vSphere at Black Hat USA 2017: From vSphere User to Guest Remote Code Execution

Session to Address Vulnerability That May Allow a vSphere User to Take Over Data Center Guest Machines

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced it would unveil a significant vulnerability affecting all recent VMware vSphere versions including 6.5, 6.0, 5.5 and provide mitigation at the upcoming Black Hat USA 2017.

Read more

GuardiCore Announces GuardiCore Labs

Global Research Team Focused on Critical Cyber Security Analysis and Investigation to Benefit the Community through Publications and Timely Disclosure of New Advanced Threats Targeting Data Centers and Clouds

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced GuardiCore Labs, a global cyber security research team that conducts in-depth research and analysis, providing the security industry with actionable insights into the latest and most advanced threats facing data centers and clouds. GuardiCore Labs delivers cutting-edge breach detection and response methodologies to help GuardiCore customers continually enhance their security posture to protect critical business applications and infrastructure.

Read more