Accuvant Launches Accuvant Labs at BlackHat USA Conference
Today, during the 2009 BlackHat conference in Las Vegas, Accuvant officially announced the addition of a research and development division to its security assessment practice, which is now called Accuvant Labs. This is significant for several reasons. First, security research experts Alex Wheeler and Ryan Smith, who were most recently credited with discovering Microsoft’s ActiveX bug – CVE-2008-0015 and MS09-032, as well as a multitude of other vulnerabilities over the years, have joined the team. Wheeler has worked for TippingPoint and ISS’ X-Force, and has twice served as a security researcher on the client side. Smith has worked for iDefense, ISS’ X-Force and Neohapsis, and has worked on the client side as a vulnerability assessment engineer for Allstate. These guys are among the best in the industry and we’re very excited to have them on board. In fact, both Wheeler and Smith won “Pwnie” awards for “Best Server Side Bug” in 2008 for their Windows IGMP kernel vuln (CVE-2007-0069) and are nominated again in 2009. We’ll find out around 7 pm on July 29th at the BlackHat reception if these two dudes have done it again! I also plan to check out Smith’s presentation on Wednesday the 29th. He’s dropping a talk with Dave Dewey and Mark Dowd that I have had some early preview of and that relates to some of the ActiveX stuff that has been getting some recent publicity. In fact, I had to do a bit of research to fully comprehend one of the demos I watched, so I learned something new already. If I know those guys, it should be a solid session.
As we all know, research and development is critical to being able to proactively address security threats within the organization. While we have been providing some of the best assessments in the industry for many years now, the addition of the researchers to the team augments our capabilities in a variety of ways, including being able to leverage 0-day attacks during our engagements, developing unique and useful tools, providing more depth with regard to binary analysis and software security testing, keeping our customers abreast of the latest threats (possibly even before their IDS and AV vendors catch up) and advancing research within the security community.
This evolution of the team is a somewhat unique situation for a group like ours. While our customers are paying for great consulting and documentation, that process has to be backed up by deep technical capabilities - and not just from the perspective of proficiency with security testing tools, enumeration and exploitation procedures - but capabilities that demonstrate industry-leading expertise, such as identifying vulnerabilities that nobody else has yet found. Interestingly enough, the majority of clients out there aren’t paying for us to go in and identify 0-day type issues. However, it is this credibility that frequently brings a team like our Labs division to the table and enables us to establish differentiators for our assessment team.
What has made Accuvant’s assessments successful over the past seven years is outstanding consulting, bottom line. The addition of an R&D division to Accuvant Labs results in the apex of service. For example, we have always had capable resources, but never spent a ton of time working on vuln research, tool development, etc., as many similar organizations do, because we were solely focused on consulting. And, while these resources may be outstanding consultants, they aren’t necessarily the same folks you want to plop down and have RE some random binary. Conversely, we have learned through experience that individuals who are extremely technically proficient at finding bugs or writing exploits may not be the best at nurturing customer relationships, i.e. being responsive, communicative, meeting deadlines or writing good documentation. As such, the addition of the R&D group within the Labs services practice allows us to stand alone as a consulting group that can bridge the gap between elite research and premium consulting. We are pursuing a model where our resources work on what they do best – researchers focusing on research, consultants focusing on consulting – with both groups working collaboratively within the same team so that their specific strengths can complement the other. I believe this model not only meets the needs of the CIO/CISO but confirms our continually building expertise and credibility to appeal to the engineers and administrators in the enterprise.
Needless to say, we are looking forward to the contributions from Wheeler and Smith and to continuing to provide best-in-class assessment services to our clients. If you are out here at BlackHat, we got a grip of the Labs consultants and Accuvant sales folks out here, so please swing by our booth and say hi and if we have any left – grab an invite for our party at Pure for Thursday night.