At this weekend’s BSides NYC, Dr. Jonathan Fuller, CISO of the U.S. Military Academy at West Point, delivered an extremely clear talk on how modern malware hides its command-and-control (C2) infrastructure through dead-drop resolvers. Fuller, who co-authored Georgia Tech’s VADER project, described how adversaries increasingly use public platforms-GitHub, Dropbox, Pastebin, ... Read More

And what does it tell us about Cybersecurity?As the founding CEO of StackStorm and now DeepTempo, I’ve seen how the needs of CISOs and SOCs have changed over the last 10+ years.New challenges and a better color scheme!When we started StackStorm, the cybersecurity landscape was different. Our power users rarely asked for ... Read More

It’s been a few weeks since the marketing excesses of the RSA Conference, and a quick glance at any day’s headlines confirms: attackers are collaborating and innovating faster than defenders can keep up. DeepTempo empowers security teams with purpose-built deep learning to detect threats earlier, streamline SOC workflows, and boost ... Read More

Learn the Bitter LessonBitter Lesson, an essay by one of the creators of reinforcement learning, first published back in 2019, recently made the rounds again now that its author, Professor Richard Sutton, was named a winner of this year’s ACM Turing Award. In it, he points out that general methods have ... Read More

How can a friendly Eye of Sauron help the Wizards?Cloud security is evolving beyond silos. Wiz’s meteoric rise has been powered by a fresh approach: an agentless, graph-based view of risk context across the cloud stack that supplanted a number of point solutions and created the Cloud-Native Application Protection Platform category ... Read More

In the last few weeks, I’ve done some learning in public, interviewing three of our advisors and making those interviews public on YouTube for all to see.I chatted with Steve Zalewski, former CISO at Levi Strauss (LinkedIn); Julie Tsai, former CISO at Roblox (LinkedIn); and Brennan Lodge, Director of Information Security ... Read More

Invisible C2 — thanks to AI-powered techniquesJust about every cyberattack needs a Command and Control (C2) channel — a way for attackers to send instructions to compromised systems and receive stolen data. This gives us all a chance to see attacks that are putting us at risk.LLMs can help attackers avoid signature based detectionTraditionally, C2 ... Read More

We’re losing — but it can’t get any worse, right?LLMs are being used in many ways by attackers; how blind are you?We’re spending hundreds of billions and losing trillions in cybersecurity. The industry structure is partially to blame. AI is here to help, right? Well, as others have pointed out, AI is being adopted ... Read More

When we introduce our Tempo LogLMs — we often explain that Tempo is a Foundation Model. But what is a foundation model? And is there a difference between cybersecurity foundation models and foundation models used in cybersecurity? In this blog, I briefly discuss those subjects.Yes, I am not a neutral observer here ... Read More

Recently we reached a milestone in our design partnership with BNY, one of the world’s preeminent financial institutions and our nation’s oldest bank. You can read more about this milestone in our official announcement of our graduation from BNY’s Ascent program and can read much more about our approach in ... Read More