Armed with knowledge of real world adversarial tactics, I believe in focusing security assessments on finding critical architectural and procedural gaps, then establishing a holistic, multi-stakeholder, get well plan to securely enable business operations.
XenoSec
Christopher Clark
Security Architect. Intelligence Director. Tool Creator. Code Monkey.
Profesional Profile
I've spent my life exploring my passions and creating solutions of all types. The result of over twenty years of self guided technical exploration has led me to focus on the new and exciting challenges of adversarial cyber security.
I am the Director of Security Research at Palo Alto Networks. My focus is on fusing automation, cross-discipline intelligence collection, and actionable countermeasure deployment. I have experience in both offensive and defensive computer network operations. I've previously held technical leadership positions with industry leaders such as the US Marines, Verisign, BAE Systems, General Dynamics, and ManTech in which I was directly responsible for mission critical cyber operations.
I strive to be as active as possible in the security community through open-source development, public and private speaking engagements, and threat intel sharing organizations. I'm always available to assist or lend expertise, especially in support of non-profit organizations.
Cup of coffee
Lines of spaghetti code
Unhappy bad guys
Things I Do (For You?)
These are my primary areas of expertise
Security Assessments
SIEM and Sensor Integrations
I have extensive experience in normalizing and integrating security alerting and incident response work flow across most major COTS and FOSS toolsets. I work to ensure maximum value and efficacy by automating away most tier one triage and documentation tasks.
Threat Data Management
Leveraging my focus on threat intel database schema design (Graph, SQL, and No-SQL) and contribution to multiple closed and open source projects (e.g: MISP, Fidelis XPS, and iDefense IntelGraph, etc.), I can ensure your most important data is retained, enriched, and shared with trusted internal or external partners.
Cybersecurity Products
My experience in commercial and government focused cyber security products spans offensive to defensive cyber operations. Leverage my insight as a key contributor to multiple successful products currently defending the Fortune 500 and USA. I focus on defining and delivering positive value to InfoSec practitioners.
Intel Driven SecOps
Iterative ingestion and collection of security intelligence is key to advancing the maturity level of any information security operations team. It's critical to be proactive in threat classification and triage in order to most efficiently apply limited security resources to protect core business assets.
Security Architecture
Through custom application of lessons learned from the constantly shifting threat landscape, I can guide prioritization and discover efficiencies through intelligent security architecture. Examination of internal and external requirements, threats, and available resources will allow for both a secure and efficient enterprise.
I'm currently unavailable for consulting work.
I am employed full time with Palo Alto Networks.
However, I am very interested in helping with any non-profit or open source projects focused on advancing the cybersecurity industry. I would also be happy to consider speaking and mentorship requests.
Contact meResume
Selected education and experience.
Experience
Director of Security Research
Responsible for improving detection and response through applied threat intelligence. Continually assess and remediate platform capability and coverage gaps while adapting to changes in the threat landscape. Guide the development of new collections, analysis, and detection methodologies.
Palo Alto Networks
2015 - PresentDirector, Cyber Security Intelligence & Chief of Staff
Develop innovative cyber collections and analysis technology while guiding the global research and focus of the iDefense intelligence service. Leadership of a forty person team of globally distributed subject matter experts with over 300 years of combined cyber security and intelligence experience.
Verisign
2013 - 2015Senior Threat Researcher
Developed and implemented comprehensive threat intelligence tools and methodologies to classify, attribute, and defend customers against advanced cyber attacks. Additionally, spearheaded multiple critical product advancements to facilitate improved visibility and advanced threat detection. (Including YARA, and return telemetry collection)
General Dynamics
2013 - 2013Senior Cybersecurity Analyst - Focused Ops (APT)
Engineered and deployed an extensive Malware Research Environment, allowing for early detection and prevention of Advanced Persistent Threat Attacks. Involved in daily information exchange with government organizations including DCISE, DSS, US-CERT and FBI, as well as numerous Fortune 100 Commercial Partners. Awarded for custom cyber security tool development, including full scale anti-phishing intrusion detection systems, and deep file inspection programs.
BAE Systems
2012 - 2013Secure Systems Engineer / CSIRT Team Member
Designed and deployed systems and tools to support and secure Mantech Computer Forensics and Intrusion Analysis operations. Network and systems architecture and engineering focusing on non-attributable platforms and custom systems to support hardware and software reverse engineering. Additionally worked to support corporate security via forensics, traffic analysis, and adversary profiling.
ManTech (CFIA)
2010 - 2012Biometric Security / Combat Operations Center Manager / Scout Team Leader
Extensive Security, Leadership, and Training experience. Including DOD Instructor Certification, Biometrics Security, Combat & Security Operations Management, and Scout Team Leadership.
US Marine Corps.
2003 - 2009Education
Executive Certificate, Strategy and Innovation
Focus on succseful Platform Innovation, Technology and Workforce Development, and Global Markets
MIT Sloan
2014 - 2015Certificate, Advanced Computer Security
Focus on Cryptography, Secure Software Design, Adversarial Security, and Security Architecture
Stanford
2012 - 2012Selected Tools and Talks
My best (open source or public) works.
Contact Me
Drop me a line, or give me a ring. I'd love to hear from you.
I'm always available to provide free guidance, tool development assistance, or mentorship.
I'm currently happily employed full time with Palo Alto Networks and am not individually available for paid consulting work, though I am always excited to meet new security professionals and expand my network.
- Washington DC Metro, USA
- 1.703.957.9366
- Chris@XenoSec.org
- http://www.xenosec.org