Martin Roesch

Last updated
Roesch in 2022 Martin Roesch at Evanta Global CISO Summit.jpg
Roesch in 2022

Martin Roesch founded Sourcefire in 2001 and was its chief technology officer until the company was acquired by Cisco Systems on October 7, 2013 for $2.7B. [1] Roesch now is CEO of Netography [2] which raised $45M in Series A funding [3] in November 2021. He is also the author and lead developer [4] of the Snort Intrusion Prevention and Detection System which formed the foundation for the Sourcefire firewall and IDS/IPS systems. Snort is still developed by Cisco Systems today and remains the most-used open source IDS technology.

Martin has developed various network security tools and technologies, including intrusion prevention and detection systems, honeypots, network scanners, and policy enforcement systems, for organizations such as GTE Internetworking, Stanford Telecommunications, Inc., and the United States Department of Defense. Martin has been interviewed as an industry expert in multiple technology publications, as well as print and online news services such as MSNBC, Wall Street Journal, CNET, ZDNet, and Scientific American. He has also been interviewed for several books, such as Network Intrusion Detection: An Analyst's Handbook, Intrusion Signatures and Analysis, Maximum Security, Hacking Exposed, and others. He has been outspoken in recent months about the fundamental issues with network security priorities being lost in the face of COVID-19 changes in how companies work, leading to the atomization of networks. [5]

Martin holds a B.S. in Electrical and Computer Engineering from Clarkson University. He is also the author of Daemonlogger. [6]

Related Research Articles

<span class="mw-page-title-main">Cisco</span> American multinational technology company

Cisco Systems, Inc. is an American multinational digital communications technology conglomerate corporation headquartered in San Jose, California. Cisco develops, manufactures, and sells networking hardware, software, telecommunications equipment and other high-technology services and products. Cisco specializes in specific tech markets, such as the Internet of things (IoT), domain security, videoconferencing, and energy management with products including Webex, OpenDNS, Jabber, Duo Security, Silicon One, and Jasper.

An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms.

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, and cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

Network security are security controls, policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

<span class="mw-page-title-main">Snort (software)</span> Open-source intrusion prevention system

Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) created in 1998 by Martin Roesch, founder and former CTO of Sourcefire. Snort is now developed by Cisco, which purchased Sourcefire in 2013.

Sguil is a collection of free software components for Network Security Monitoring (NSM) and event driven analysis of IDS alerts. The sguil client is written in Tcl/Tk and can be run on any operating system that supports these. Sguil integrates alert data from Snort, session data from SANCP, and full content data from a second instance of Snort running in packet logger mode.

https://en.wikipedia.org/wiki/Software_release_life_cycle

Data loss prevention (DLP) software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.

<span class="mw-page-title-main">Angela Orebaugh</span> American computer scientist and author

Angela Orebaugh is a cyber technology and security author and researcher. In 2011, she was selected as Booz Allen Hamilton's first Cybersecurity Fellow. She is an assistant professor at the University of Virginia Department of Computer Science.

Prelude SIEM is a Security information and event management (SIEM).

<span class="mw-page-title-main">Sourcefire</span> American computer security company

Sourcefire, Inc was a technology company that developed network security hardware and software. The company's Firepower network security appliances were based on Snort, an open-source intrusion detection system (IDS). Sourcefire was acquired by Cisco for $2.7 billion in July 2013.

Network behavior anomaly detection (NBAD) is a security technique that provides network security threat detection. It is a complementary technology to systems that detect security threats based on packet signatures.

<span class="mw-page-title-main">Barrett Lyon</span> American businessman (born 1978)

Barrett Gibson Lyon is an American Internet entrepreneur, security researcher, and a former hacker.

Okena is an intrusion detection company based in Waltham, Massachusetts. It was acquired by Cisco Systems on January 24, 2003, for $154M, in an all-stock transaction.

Aanval is a commercial SIEM product designed specifically for use with Snort, Suricata, and Syslog data. Aanval has been in active development since 2003 and remains one of the longest running Snort capable SIEM products in the industry. Aanval is Dutch for "attack".

Used as part of computer security, IDMEF is a data format used to exchange information between software enabling intrusion detection, intrusion prevention, security information collection and management systems that may need to interact with them. IDMEF messages are designed to be processed automatically. The details of the format are described in the RFC 4765. This RFC presents an implementation of the XML data model and the associated DTD. The requirements for this format are described in RFC 4766, and the recommended transport protocol (IDXP) is documented in RFC 4767

Vectra AI, Inc. is a cybersecurity company that uses AI for hybrid attack detection, investigation, and response (NDR) solutions. The company was established in 2012 and operates in 113 countries from its San Jose, California headquarters.

Sierra Ventures is an American venture capital firm based in San Mateo, California. It targets startups in sectors including enterprise tech, artificial intelligence, cybersecurity and healthcare.

<span class="mw-page-title-main">Ang Cui</span> American computer scientist

Ang Cui is an American cybersecurity researcher and entrepreneur. He is the founder and CEO of Red Balloon Security in New York City, a cybersecurity firm that develops new technologies to defend embedded systems against exploitation.

Cisco Talos, or Cisco Talos Intelligence Group, is a cybersecurity technology and information security company based in Fulton, Maryland. It is a part of Cisco Systems Inc. Talos' threat intelligence powers Cisco Secure products and services, including malware detection and prevention systems. Talos provides Cisco customers and internet users with customizable defensive technologies and techniques through several of their own open-source products, including the Snort intrusion prevention system and ClamAV anti-virus engine.

References

  1. Rao, Leena (2013-07-23). "Cisco Acquires Cybersecurity Company Sourcefire For $2.7B". TechCrunch. Retrieved 2023-01-13.
  2. "Martin Roesch joins Netography as CEO". Help Net Security. 2021-09-15. Retrieved 2021-09-23.
  3. "Netography raises $45M Series A funding to provide real-time threat detection and response capabilities for the atomized network". Tech News | Startups News. 2021-11-15. Retrieved 2023-01-13.
  4. "So, What Is Snort? | An Introduction to Snort: A Lightweight Intrusion Detection System | InformIT". www.informit.com. Retrieved 2023-01-13.
  5. "Cybersecurity Solutions Must Evolve, Says Netography CEO". Dark Reading. August 19, 2022. Retrieved 2023-01-13.
  6. "Sourcefire Website". Archived from the original on 2012-09-13. Retrieved 2008-10-28.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.