Tuesday, April 17, 2012

CrowdStrike launches CrowdStrike Services, Former FBI Top Cyber Cop Shawn Henry joins as CrowdStrike Services President

In my previous post I announced the launch of CrowdStrike - my new security company. Utilizing Big-Data technologies we are focused on helping enterprises and governments protect their most sensitive intellectual property from targeted intrusions. Today I am proud and honored to announce that Shawn Henry has joined CrowdStrike as the President of our newly formed professional services subsidiary – CrowdStrike Services, Inc.  Shawn was the Executive Assistant Director of the Criminal, Cyber, Response, and Service Branch of the FBI.  Shawn recently retired at the end of March of this year and he decided to start a new chapter in his already honorable service career.  While at the FBI, he was responsible for all criminal and cyber investigations worldwide, as well as international operations, and critical incident response. Because of Shawn's work, and for his leadership position in enhancing the FBI’s cyber capabilities, he received the Presidential Rank Award for Meritorious Executive in 2009. While Shawn has spent his whole adult life with the FBI, in the last two years in particular, he has seen an incredible increase in persistence and determination from nation state actors attempting to steal intellectual property from many of our largest corporations and government institutions.  

When Shawn announced his retirement and his move into the private sector, there was wide speculation about where he would land because of his long-term service with the bureau and his continued day-to-day mission in chasing down and apprehending the adversary.  Shawn had many compelling offers and a wide array of noble positions to consider upon retirement from the bureau.   CrowdStrike is honored to have him on our team and we know that Shawn is solidly behind our important mission.  We have spent months looking for the right person to run our services organization, and bar none he is the absolute best candidate because of his leadership, integrity, and passion.

Shawn has seen first hand the devastation from a multitude of adversaries across many sectors and knows what needs to be done.  Like Shawn, I know there are too many national policy issues to solve and that in many cases the “free market” can address the complex adversary problem far better than the government alone. Collectively we share the same view that industry can’t rely on the government alone to address the problem of targeted intrusions.  At CrowdStrike we do not mince our words about our abilities to use our advanced intelligence technology to bring the fight to the front door of the adversary, increase their cost of operations, and assist our customers in responding to and mitigating targeted attacks and intrusions.   As the adversary adjusts and realigns their tactics on a daily basis, we also strive to stay a step ahead of them.  We are relentlessly focused on addressing the threat and continually update our playbook to enhance not only our own strategy but to also enhance the existing capabilities that are currently in play with our collective customers.  

The formal creation of the Services arm now sets in stone the last gem of our “Triple Crown” and lays the foundation to further assist our customers with our complete offering. Our Services division, lead by Shawn, will be staffed with security practitioners that come with an unmatched pedigree of experience in information security and professional services delivery know-how.  Our Intelligence team led by Adam Meyers will be the glue that binds our Services and Technology offerings led by Dmitri Alperovitch, Founder and CTO.  Our offerings will provide an unparalleled strategic intelligence advantage over the adversary and will enable our customers to eventually encompass high-order attribution characteristics that easily rival the best collective intelligence agencies of the 21st century.
Thus, while we currently have our team focused on creating cutting edge technology to address the problem, we must build out a world-class services organization to immediately focus our professionals in helping organizations respond to the incidents that are bludgeoning them on a daily basis while providing the base compound to our intellectual “glue”.  Our initial service offerings are focused on the following:

  • Enterprise Adversary & Malware Assessment
    • Identify unknown compromised systems and data exfiltration channels, determine attribution and motivation of the intruders, along with providing cyber counterintelligence strategies to respond to future intrusions
  • Incident Response Services
    • On demand based retainer service designed to empower enterprises with experienced and professional tactical response teams  
  • Response and Recovery
    • Triage based service designed for enterprises to contain and recover from specific malware incidents or targeted intrusions
  • Malware Researcher/Staff Augmentation
    • Augment and assist your existing team with advanced capabilities in targeted attacks, malware research, and reverse engineering
  • Computer Incident Response Team Augmentation (CIRTA)
    • Supplement your response team with computer forensics examination, malware analysis, incident management, and litigation support capabilities
We are already engaged performing services for some of the world's largest companies and helping their teams respond to sophisticated targeted intrusions. What truly differentiates us from others is our ability to identify the adversary, their motivation, and their various tactics, techniques, and procedures.  While the malware they use may change, their tradecraft is remarkably static.   

Our goal is to build a team where we can instill confidence in our customers and provide leading edge analysis.  CrowdStrike Services is staffed with security practitioners with broad years of experience in information security and professional services delivery. Currently, we are in the process of hiring additional consultants that have deep technical experience with computer malware threats, reverse engineering, and forensic investigation of networks in various areas like the financial, government, military, telecommunications, and industrial sectors.    Shawn will be responsible for growing our services division into a global powerhouse with a laser focus on response, incident management, and incident prevention.   Similar to what I created and built with our services organization at Foundstone, our goal is to be the absolute best in the industry, and we will be relentless in our execution of this goal.     If you are interested in joining CrowdStrike Services and working with an exemplary team, please submit your resume to mission@crowdstrike.com. If your organization has the need for incident response and forensic services and you are tired of dealing with the attitude of the “old-guard,” please email us at services@crowdstrike.com.  We will get back to you immediately.  

To hear from Shawn directly please click here to visit his blog post and video.

Thanks again to all of you for all your support and encouragement that has poured in since our announcement in February, we truly appreciate it.   If you would like to keep up with the latest news on CrowdStrike please follow us on Twitter @crowdstrike.