FIVE MINUTES WITH ...
compromise assessment process we call Forensics as Code . It enables us to use a single incident to inform future investigations , checking each subscriber ’ s data dynamically to continuously investigate similar potential breaches . Another point of differentiation is that , because of our focus on readiness , IR ² subscribers receive incident response at no additional cost .
Q . WHAT TECHNOLOGY ARE YOU MOST LOOKING FORWARD TO USING MORE OF ?
» We are always looking at innovative technologies and thinking about how to use them , vetting them carefully in our engineering team . We have a unique approach for automation in IR , and we use Jupyter notebooks with Spark engines for Big Data and machine learning . Spark supports batch and real-time processing , interactive querying , analytics to machine learning , and graph processing . Spark uses in-memory query execution to provide a fast and efficient big data processing solution . We use it all over the three main cloud vendors ( AWS , GCP , and Azure ).
We are also developing a unique internal Python package to support our Forensic as Code process . The Python package includes the logic of the Incident Response and is developed on top of Spark .
Another unique technology we have is the way we prepare and save the collected data of customers to allow future fast retrieval at low cost .
“ I AM A RETIRED COLONEL FROM THE ISRAEL DEFENSE FORCES ( IDF ), WHERE I SERVED OVER 20 YEARS IN THE 8200 CYBER UNIT ”
Q . WHAT IS YOUR LEADERSHIP STYLE ?
» I believe in focusing on communications – up , to the sides , and down . Strong communication is based on two principles :
Being authentic : be genuine , frank , respectful but direct . Respect other people ’ s time – speak your mind .
Listening : there is a huge difference between hearing and listening . Hearing is done through the ears while listening is through the mind and heart . I always strive to really understand the feelings , opinions , and perspectives of the other person .
24 July 2022