- Job title of nominated professional: Research Team
- Company (where nominated professional or team is working): Digital Shadows
- Website: http://www.digitalshadows.com
- Company size (employees): 100 to 499
- Country: United States
- Headquarters Region: North America
In 3 bullets, summarize why this professional or team deserves recognition:
1.The Photon team is a dedicated research team within Digital Shadows with specific remit to track the latest security trends and breaking news incidents. In November 2018, the team partnered with the BBC for an investigation that revealed how private messages from over 81,000 Facebook had been compromised and sold online (https://www.bbc.co.uk/news/technology-46065796). Photon members followed up their research through a variety of interviews with international media as well as its own series of articles and podcasts aimed at informing the public of the most relevant facts pertaining to this major news story. Given the team’s pedigree, it is regularly contacted by major media outlets for assistance with breaking stories and ongoing investigations, including the BBC, Motherboard, CNBC and Forbes.
2.Photon conducts 100% primary research, often focusing on underreported risks and threats. In April 2018, the team shone a light on the risks of unintentional exposure by third parties and contractors who have left over 1.5 billion files exposed through misconfigured file sharing services (https://news.sky.com/story/15bn-sensitive-files-are-exposed-on-the-internet-security-researchers-say-11317698). The team has unrivaled insight into the places where cyber criminals collaborate, communicate and seek to exchange stolen information, which was exemplified with their cutting-edge research into the evolution of the cybercriminal ecosystem following the takedowns of the AlphaBay and Hansa marketplaces (https://www.theregister.co.uk/2018/06/07/cybercrime_bazaar_to_telegram/).
3.The Photon team are a trusted and respected group of experts who actively engage with the wider information security community. Photon has been at the forefront of increasing awareness of the MITRE ATT&CK and Pre-ATT&CK frameworks, which are set to become one of the most widely used security methodologies among practitioners. As well as partnering with the MITRE Corporation on the team’s ShadowTalk podcast, Photon team members have directly contributed to public knowledge by mapping the attack techniques of one of the most prolific threat actors in operation today, APT-28 (https://attack.mitre.org/groups/G0007/).
In less than 300 words, summarize the achievements of the professional or team in the nominated category
Photon is Digital Shadows’ threat intelligence and security research team. Comprised of security engineers, intelligence analysts, researchers and the Digital Shadows CISO, Rick Holland, the Photon team is dedicated to researching and tracking the latest security trends and breaking news incidents, representing findings “as it is” and without fear, uncertainty or doubt. Photon’s primary focus is to protect and inform Digital Shadows customers, but has a wider remit and responsibility to inform businesses and individuals around the world via media and Digital Shadows channels of the threats against them.
The team is international with members all over the world and proficient in 30+ languages. Photon provides 24×7 global coverage as news breaks, and has been a voice of reason and expert commentary on some of the largest news stories of the year, including nation state activity against the United States and breaches of user privacy by major technology organizations such as Facebook. The team is comprised of diverse skill sets with backgrounds in law enforcement, white hat security operations and internal security teams.
Top Research Reports, Blogs and Interviews can be found at http://resources.digitalshadows.com and some highlights below:
– The BEC research blogs: https://www.digitalshadows.com/blog-and-research/business-email-compromise-when-you-dont-need-to-phish/
– Threat modeling: https://www.digitalshadows.com/blog-and-research/what-exactly-is-a-threat-model-and-why-organizations-should-care/
– Keep your eyes on the prize: https://www.digitalshadows.com/blog-and-research/keep-your-eyes-on-the-prize-attack-vectors-are-important-but-dont-ignore-attacker-goals/
– NonPetya: https://www.digitalshadows.com/blog-and-research/petya-like-wormable-malware-the-who-and-the-why/
– MongoDB: https://www.digitalshadows.com/blog-and-research/how-the-frenzy-unfolded-analyzing-various-mongo-extortion-campaigns/
– A model of success: https://www.digitalshadows.com/blog-and-research/a-model-of-success-anticipating-your-attackers-moves/
– Plan is mightier than the sword: https://www.digitalshadows.com/blog-and-research/the-plan-is-mightier-than-the-sword-resources/
– Plumbing the depths: https://www.digitalshadows.com/blog-and-research/plumbing-the-depths-the-telnet-protocol/
– CNBC: https://www.cnbc.com/2018/12/27/uk-defense-minister-admits-grave-concerns-over-huawei-5g-equipment.html
– MotherBoard: https://motherboard.vice.com/en_us/article/pa5vwb/hacker-banner-ads-are-totally-wild
– BEC Research Report: https://resources.digitalshadows.com/whitepapers-and-reports/cybercriminals-on-the-outlook-for-your-emails
– Too Much Information Research Report: https://resources.digitalshadows.com/whitepapers-and-reports/too-much-information-misconfigured-ftp-smb-rsync-and-s3-buckets-exposing-1-5-billion-files
– The State of Cybercrime in the Post AlphaBay and Hansa Age Research Report: https://resources.digitalshadows.com/whitepapers-and-reports/the-state-of-cybercrime-in-the-post-alphabay-and-hansa-age