Sean is an active senior threat research analyst at Damballa. He specializes in the analysis of signatures and behaviors used by the botnets and the cyber-criminal community. Sean focuses his time learning tools, techniques, and procedures behind attacks and intrusions related to various persistent threats. Sean has worked in several Information Systems Security roles for various firms and customers over the past decade across United States. Most notably he has spent several years performing black box penetration testing, incident response, and intrusion and intruder analysis for Fortune 100 companies, the Defense Department, and ‘other’ Federal Agencies. Sean has shared numerous accounts of his findings at various industry conferences relating to the inner-workings of advanced persistent threats (APTs). Sean has lectured at industry conferences including Bluehat, Defcon, Defcon Skytalks, Hacker Halted, TakeDownCon, PhreakNIC, DC3, NW3C, NSA, DHS Annual Security Symposium, Pentagon Security Forum, and Carnegie Mellon CERT discussing his interest in analyzing and manipulating the minds and morale of persistent threats without their knowledge.
Sean has focused his research over the past several years on developing systems that enable the analysis of attackers through various advanced machine learning and enterprise platforms mixed of various public and private Honeynet technologies. Sean co-authored “Hacking Exposed: Malware and Rootkits (the definitive Computer Security book series)” with McGraw-Hill in 2009. Sean is currently working on another book “Spy Hunters: Countering Advanced Persistent Threats,” a comprehensive manual that illustrates how to employ various methods of counter-intelligence, disinformation, and deception against active threats in order to learn the ‘who’ and ‘why’ behind the breach of your enterprise.