@stake

Last updated

ATstake, Inc. (stylized as @stake) was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures (Tom Crotty, Sunil Dhaliwal, and Scott Tobin) and Ted Julian. Its initial core team of technologists included Dan Geer (Chief Technical Officer) and the east coast security team from Cambridge Technology Partners (including Dave Goldsmith).

Contents

History

In January 2000, Atstake acquired L0pht Heavy Industries (who were known for their many hacker employees), bringing on Mudge as its Vice President of Research and Development. Its domain name was atstake.com. [1] In July 2000, Atstake acquired Cerberus Information Security Limited of London, England, from David and Mark Litchfield and Robert Stein-Rostaing, to be their launchpad into Europe, the Middle East and Africa. [2] Atstake was subsequently acquired by Symantec in 2004. [3]

In addition to Dan Geer and Mudge, Atstake employed many famous security experts including Dildog, Window Snyder, Dave Aitel, Katie Moussouris, David Litchfield, Mark Kriegsman, Mike Schiffman, the grugq, Chris Wysopal, Alex Stamos, Cris Thomas, and Joe Grand. [4] [5] [6]

In September 2000, an Atstake recruiter contacted Mark Abene to recruit him for a security consultant position. The recruiter was apparently unaware of his past felony conviction since Atstake had a policy of not hiring convicted hackers. Mark was informed by a company representative that Atstake could not hire him, saying: "We ran a background check." This caused some debate regarding the role of convicted hackers working in the security business.

Atstake was primarily a consulting company, but also offered information security training through the Atstake academy, and created a number of software security tools:

Symantec later stopped selling LC5 to new customers citing US Government export regulations, and discontinued support in December 2006. [7] In January 2009, L0phtCrack was acquired by the original authors from Symantec; L0phtCrack 6 was announced at the SOURCE Boston Conference on March 11, 2009. [8] The technology underlying SmartRisk Analyzer was extended, and eventually brought to market by the Symantec spinoff Veracode.

Symantec announced its acquisition of Atstake on September 16, 2004, [9] and completed the transaction on October 9, 2004. [10]

Several members of Atstake left to form the computer security company "iSEC Partners" [11] in 2004. Former Atstake academy instructors Rob Cheyne and Paul Hinkle later formed the information security training company "Safelight Security Advisors" [12] in 2007. The remaining portion of the Atstake consulting group continues to operate as the "Security Advisory Services" [13] team within Symantec's Security Business Practice.

After Atstake

Numerous Atstake employees pre and post the acquisition by Symantec started their own cyber security services companies, these included:

of these companies NCC Group latterly acquired:

Atstake employees have also started their own cyber security product companies, including:

Related Research Articles

<span class="mw-page-title-main">L0pht</span> American hacker collective

L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of responsible disclosure. The group famously testified in front of Congress in 1998 on the topic of ‘Weak Computer Security in Government’.

<span class="mw-page-title-main">Gen Digital</span> Multinational software company

Gen Digital Inc. is a multinational software company co-headquartered in Tempe, Arizona and Prague, Czech Republic. The company provides cybersecurity software and services. Gen is a Fortune 500 company and a member of the S&P 500 stock-market index. The company also has development centers in Pune, Chennai and Bangalore. Its portfolio includes Norton, Avast, LifeLock, Avira, AVG, ReputationDefender, and CCleaner.

L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.

A grey hat is a computer hacker or computer security expert who may sometimes violate laws or typical ethical standards, but usually does not have the malicious intent typical of a black hat hacker.

Christien Rioux, also known by his handle DilDog, is the co-founder and chief scientist for the Burlington, Massachusetts based company Veracode, for which he is the main patent holder.

<span class="mw-page-title-main">Peiter Zatko</span> American computer security expert

Peiter C. Zatko, better known as Mudge, is an American network security expert, open source programmer, writer, and hacker. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the computer and culture hacking cooperative the Cult of the Dead Cow.

<span class="mw-page-title-main">Chris Wysopal</span> American computer security expert

Chris Wysopal is an entrepreneur, computer security expert and co-founder and CTO of Veracode. He was a member of the high-profile hacker think tank the L0pht where he was a vulnerability researcher.

Xcitium, formerly known as Comodo Security Solutions, Inc., is a cybersecurity company headquartered in Bloomfield, New Jersey.

Fortinet, Inc. is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.

Cain and Abel was a password recovery tool for Microsoft Windows. It could recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. Cryptanalysis attacks were done via rainbow tables which could be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel was maintained by Massimiliano Montoro and Sean Babcock.

David Litchfield is a British security expert and The Director of Information Security Assurance for Apple. Anne Saita, writing for Information Security magazine, called him along with his brother Mark Litchfield, "World's Best Bug Hunters" in December 2003.

<span class="mw-page-title-main">VirusTotal</span> Cybersecurity website owned by Chronicle

VirusTotal is a website created by the Spanish security company Hispasec Sistemas. Launched in June 2004, it was acquired by Google in September 2012. The company's ownership switched in January 2018 to Chronicle, a subsidiary of Google.

Michael Gregory Hoglund is an American author, researcher, and serial entrepreneur in the cyber security industry. He is the founder of several companies, including Cenzic, HBGary and Outlier Security. Hoglund contributed early research to the field of rootkits, software exploitation, buffer overflows, and online game hacking. His later work focused on computer forensics, physical memory forensics, malware detection, and attribution of hackers. He holds a patent on fault injection methods for software testing, and fuzzy hashing for computer forensics. Due to an email leak in 2011, Hoglund is well known to have worked for the U.S. Government and Intelligence Community in the development of rootkits and exploit material. It was also shown that he and his team at HBGary had performed a great deal of research on Chinese Government hackers commonly known as APT. For a time, his company HBGary was the target of a great deal of media coverage and controversy following the 2011 email leak. HBGary was later acquired by a large defense contractor.

Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.

Veracode is an application security company based in Burlington, Massachusetts. Founded in 2006, it provides SaaS application security that integrates application analysis into development pipelines.

NCC Group is an information assurance firm headquartered in Manchester, United Kingdom. Its service areas cover software escrow and verification, cyber security consulting and managed services. NCC Group claims over 15,000 clients worldwide. The company is listed on the London Stock Exchange.

SourceClear or SRC:CLR was an American software company with its namesake security tool for software developers. SourceClear focused on open-source software development, plugging into developers' existing workflows and examining security risks of open-source and third-party code in real time. The company was headquartered in San Francisco, California with an office in Singapore. It had customers in the technology, social media, retail, finance, and defense industries. In October 2015, it announced a $10 million Series A round of funding. In 2018 it was acquired by CA Technologies; after which it was folded into Veracode.

<span class="mw-page-title-main">Katie Moussouris</span> American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. Previously a member of @stake, she created the bug bounty program at Microsoft and was directly involved in creating the U.S. Department of Defense's first bug bounty program for hackers. She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, and currently is the founder and CEO of Luta Security.

Checkmarx is an enterprise application security company headquartered in Atlanta, Georgia in the United States. Founded in 2006, the company provides application security testing (AST) solutions that embed security into every phase of the software development lifecycle (SDLC), an approach to software testing known as "shift everywhere."

References

  1. "A disaster foretold — and ignored". Washington Post. June 22, 2015.
  2. Bacon, Jono. "A Security CEO and Two Hackers on Building a Safer Internet, Powered by a Community of Hackers". Forbes. Retrieved 2020-04-15.
  3. "Exclusive: Facebook ex-security chief: How 'hypertargeting' threatens democracy". finance.yahoo.com. 8 February 2019. Retrieved 2020-04-15.
  4. Fisher, Dennis (6 March 2018). "'We Got to Be Cool About This': An Oral History of the L0pht, Part 1". Decipher. Duo Security. Retrieved 17 June 2018.
  5. "Space Rogue". Forbes . US. 7 Feb 2000. Retrieved 18 Dec 2017.
  6. Franceschi-Bicchierai, Lorenzo (2023-08-04). "Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices". TechCrunch. Retrieved 2023-08-05.
  7. Leyden, John (2005-11-25). "Symantec refuses to sell audit tool outside the US". Archived from the original on 2023-02-01. Retrieved 2023-05-16.
  8. "New version of L0phtcrack to be unveiled next week". Infosecurity Magazine. 2009-03-03. Retrieved 2009-05-29.
  9. "Symantec press release, September 16, 2004". Archived from the original on 2005-12-12. Retrieved 2005-10-26.
  10. "Symantec press release, October 9, 2004". Archived from the original on 2009-07-31. Retrieved 2018-09-07.
  11. "www.nccgroup.trust/us/our-services/cyber-security/". www.nccgroup.trust. Retrieved 2018-04-02.
  12. "Application Security Training and Assessments - Security Innovation". Archived from the original on 2014-08-13. Retrieved 2020-06-06.
  13. Symantec.com Archived 2010-09-07 at the Wayback Machine
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.