How Intezer is filling a critical cyber skill gap with ‘code intelligence’
This post was originally published by Intezer.
Itai Tevet was the self-described ‘PC kid’ whose fascination with technology led to a strong interest in information security–an interest that benefited him as he grew into increasingly responsible cyber security leadership roles within the Israeli Defense Forces (IDF).
It was there that he gained the unique experience of handling nation-sponsored attacks on a daily basis.
“It was absolutely very stressful, dealing with the sheer volume that we did, but I had people who I trusted and there was no challenge that we couldn’t mitigate,” Tevet said. “From that perspective, the role was more exciting than stressful. Our chief focus was on investigation and response.”
He met his Intezer co-founder, Roy Halevi, while working on a project in the IDF. Both were accustomed to delivering under extreme pressure within a tight timeframe, trying to outthink hackers and developing products from scratch in just a few months.
“It was very clear to me in my last years of service that I wanted to create a company,” Tevet said. “Not only do I enjoy creating new things–in the past, this involved developing new software or inventing new programs to deal with threats–but I saw a clear need in the market for a new approach to detection and analysis.”
Because of that, much of Tevet’s knowledge of the competition sprang from an interesting position: having once been on the customer side of security operations, he has used a variety of technologies and become familiar with what existed, as well as with their limitations.
Tevet and Halevi founded Intezer together with Alon Cohen, the founder and former CEO of Cyber-Ark Software (NASDAQ:CYBR).
Filling a Critical Cyber Skill Gap with Code Intelligence
Meanwhile, Tevet has witnessed seismic shifts in the enterprise view of cyber security.
“I was surprised, actually, how the defensive mindset in the industry was really in its infancy,” he said. “When I left the army, it was only very talented people dealing with very sophisticated attacks; when you look at most companies today, they struggle recruiting people with the skills required to deal with modern threats. In recognition of this, we’ve created a tool that empowers response teams to have elite capabilities, even if they lack these skills. We built Code Intelligence™ with that principle in mind.”
Tevet noted that the industry’s focus shifted from the traditional information security issues toward a new plane of cyber warfare, with a range of nefarious characters: nation-sponsored hackers, sophisticated cyber criminals, international terrorists and powerful criminal networks.
While organizations are typically slower to adopt new technologies, hackers (whether they’re individuals or part of broader crime networks) move stunningly fast.
“After witnessing and mitigating many of these attacks, I came to the conclusion that it’s really a cat-and-mouse game: if an organization tries to close one part of its network as a defense mechanism, the hacker manages to sneak in through another access point,” Tevet said.
It’s a game where the risks are many, the potential losses are extensive, and agility always wins.
Unlocking the Secrets Behind Organizations’ Code ‘DNA’
The bottom line: no matter the point of penetration, attackers must eventually run their malicious code within the organization. “This is the main principle that Intezer ran with; we said let’s look at the most basic piece: all of the binary code running in computers throughout the network,” Tevet explained.
“We believe strongly that the key to solving a cyber security problem–and the key to being better than the attackers–is actually to understand every piece of code. All attackers must get to this point. Yet trying to understand its exact origins (similar to reverse engineering) is extremely difficult.”
Only a few of the most experienced and sophisticated cyber security professionals are capable of doing this. Thankfully, organizations don’t have to search for the proverbial needle in the haystack, as Intezer enables companies to trace their code in its entirety without the need for a reverse engineer. It is currently the only product on the market with these capabilities.
“There are two main values that we wanted to pursue early on as a company: first, because we understand code, we’re able to empower security teams to be better at their work, improving upon their own skills and accelerating internal operations,” Tevet said.
“Secondly, because we developed this proprietary technology that examines code, we’re better able to detect and mitigate malware. In short, we help to reduce response times and boost accuracy in detection.”
To make this possible, the founders had to overcome significant challenges.
“We had to do something very unconventional: basically, we’re working on mapping every single piece of code on the planet,” Tevet said. “You need to do something very special, or be a bit crazy to even attempt it.”
Both Tevet and Halevi believe they can reach a point where most of the code is housed in Intezer’s repository, even though new software is developed continuously. This will enable Intezer to offer its Immune System™ product to companies looking to bolster their defense 24/7.
Helping the Cyber Security Community Starts with a Strong Team
The two are also motivated to help the broader security community. They’ll use the company’s technology to provide insights from its massive code database.
“Our goal is to help others to source malicious actors and identify new and undetected malware,” Tevet explained.
Much of the team they’ve assembled at Intezer–a group composed of expert analysts and developers–knows both co-founders well from their days in the army, and recognizes both as leaders on the most advanced edges of an ever-evolving field.
Tevet’s big dreams for the company are the stuff of grand entrepreneurial vision:
Becoming the standard of any kind of cyber security response and investigation; meaning, if you are at the end of the world and you want to investigate a file, Intezer is your go-to solution provider.
The goals are lofty; with the right team and approach, however, they’re within reach.