With 2013 coming to a close, I thought it pertinent to look back at the year we've had and also forward to what's promising to be an incredibly exciting 2014 for us.
2013 for SensePost, was a year of transition. With a new leadership structure in myself, Shane and Dominic, we had a chance to stamp our style and vision and also learn from Charl and Jaco. One of the first leadership choices was to expand our reach and open our first office in London, aptly in a borough called Hackney. Here, we grew our family and welcomed some amazing people into the plak. After a few short months, we had outgrown the office and needed to look for bigger premises, this time in another aptly named area: Whitechapel (think Jack the Ripper).
Back in South Africa, after moving to bigger premises down the road, we finally got a chance to make it feel like home. These two new offices have allowed us to continue to grow at a steady pace, whilst still keeping the SensePost vision and vibe alive.
On a technical level, as this is what we are really about, we've had an amazing year. As part of this new vision, we made some key appointments:
Craig Swan, who originally was part of the assessments team and left, returned home to assume the role of Training Manager. On a training front, we've had one of the busiest years to date. From Blackhat in Las Vegas, Brasil and Seattle, to 44Con in London, for our friends in the US and our courses held in Southern Africa, we've trained hundreds of students in the art of offensive security. We've also created two new courses for the Hacking by Numbers series, one concentrating on mobile assessments and the other on malware reverse engineering. However, we are not resting on our laurels and with Craig on-board, 2014 is looking like being an amazing year for education at SensePost.
Victor Tadden, an experienced technical Project Manager, joined the assessment team to help us be more efficient with our delivery of projects. He brings with him a wealth of software dev experience and has already made a significant impact in the way we work, especially managing to wrangle pen testers together daily for scrum meetings, a feat many will tell you is akin to herding cats.
Tiago Rosado joined us from Portugal to head up our Managed Vulnerability Service, a key service line that many of our clients rely on for a more holistic view of their security posture. Our MVS service line is being revamped for 2014 and Tiago will help us achieve this.
Marc Peiser became our IT Manager and with him, brought a wealth of UNIX experience, having worked for a massive global bank. Marc's aim for 2014 is to ensure that our internal networks are not only robust but also allow us to do what we do. Surprisingly enough, we are frequently attacked and having defense in depth approach to IT is as important to us as it is to our clients.
Internally, we've welcomed some new family members, said goodbye to some.We value those who choose to work here very highly, we want work to be a creative environment where people can have fun, grow and most importantly enjoy coming to work. Nothing makes me more proud than seeing a plakker accepting new challenges, often defining the way the security industry works, or helping others with their security needs. As the penetration industry matures, one of my main goals for 2014 is to ensure that our proven hacker ethos remains.
2013 saw us presenting at conferences throughout the year and for the first time in our history, in a total of eight different countries over five continents. Our research included vulnerabilities in the Internet of things, distributed surveillance frameworks, security analysis of the Trustzone OS and Mobicore and finally using Spatial Statistics to detect Fast-Flux botnet Command and Control (C2) domains.
Technical prowess is still at the very heart of what we do at SensePost. We love to pwn and 2014 will see us continuing to write new tools, approach old problems with a new way of thinking and just being, well, us.
In November, after months of negotiations, came the news that we were to be acquired by SecureData Europe. This new chapter for us will usher in a new era of growth and development for us at SensePost and we are truly excited to be part of the SecureData Europe family.
Overall it was a fantastic year, especially for us, the new EXCO. I am extremely proud to stand alongside some incredibly talented people and call them colleagues and look forward to 2014 and what it brings.
From everyone at SensePost, we wish you a Merry Christmas and best wishes for the New Year.
We're pleased to announce our acquisition today by SecureData Europe.
SecureData (www.secdata.com) is a complete independent security services provider based in the UK and was also previously part of the SecureData Holdings group before being acquired by management in November 2012. The strategic acquisition complements SecureData's vision for enabling an end-to-end, proactive approach to security for global customers by assessing risk, detecting threats in real-time, protecting valuable assets and responding to security issues when they occur.
This deal signals the culmination of a long period of negotiation between SecureData Holdings, SecureData Europe and SensePost management and represents a cordial and amicable arrangement that is considered to be to the benefit of all three businesses. As the management of SensePost we are fully committed to this change, which we believe is in the best interests of SensePost, our staff and our customers. We believe this move will herald for us a new era of growth and development that will see us better equipped and prepared to meet the requirements of the market and fulfil our mission of providing insight, information and systems that enable our customers to make informed decisions about information security.
We look forward to a to an exciting period of innovation, growth and development that we believe this transaction will ultimately enable!
Today was our 13th birthday. In Internet years, that's a long time. Depending on your outlook, we're either almost a pensioner or just started our troublesome teens. We'd like to think it's somewhere in the middle. The Internet has changed lots from when SensePost was first started on the 14th February 2000. Our first year saw the infamous ILOVEYOU worm wreak havoc across the net, and we learned some, lessons on vulnerability disclosure, a year later we moved on to papers about "SQL insertion" and advanced trojans. And the research continues today.
We've published a few tools along the way, presented some (we think) cool ideas and were lucky enough to have spent the past decade training thousands of people in the art of hacking. Most importantly, we made some great friends in this community of ours. It has been a cool adventure, and indeed still very much is, for everyone who's has the pleasure of calling themselves a Plak'er. Ex-plakkers have gone on to do more great things and branch out into new spaces. Current Plakkers are still doing cool things too!
But reminiscing isn't complete without some pictures to remind you just how much hair some people had, and just how little some people's work habit's have changed. Not to mention the now questionable fashion.
Fast forward thirteen years, the offices are fancier and the plakkers have become easier on the eye, but the hacking is still as sweet.
As we move into our teenage years (or statesman ship depending on your view), we aren't standing still or slowing down. The team has grown; we now have ten different nationalities in the team, are capable of having a conversation in over 15 languages, and have developed incredible foos ball skills.
This week, we marked another special occasion for us at SensePost: the opening of our first London office in the trendy Hackney area (it has "hack" in it, and is down the road from Google, fancy eh?). We've been operating in the UK for some time, but decided to put down some roots with our growing clan this side of the pond.
And we still love our clients, they made us who we are, and still do. Last month alone, the team was in eight different countries doing what they do best.
But with all the change we are still the same SensePost at heart. Thank you for reminiscing with us on our birthday. Here's to another thirteen years of hacking stuff, having fun and making friends.
In South Africa its not hard to find causes to support, but one that's particularly close to my heart is the Little Lambs Christian Daycare in a township in Cape Town called 'Imizamo Yethu' (The People Have Gathered).
The Little Lambs Daycare provides Early Childhood Development services and care to the poor in the community of Imizamo Yethu. The daycare operates 5 days per week and 12 Staff members — also from the community — cater and provide a safe learning space for 200 children aged 1 to 6 while their parents can seek work in the nearby town. I've been involved with the daycare for many years now and so I use every opportunity to raise awareness and support for the important work its doing. One way to do that is through a hobby ... endurance running.
Over the last 4 years I've run across the hottest, driest and harshest deserts in the world, over 250km at a time and completely self-supported, as a competitor in the 4 Deserts rough-country endurance footrace series. A unique collection of world-class events that take place over 7 days and 250 kilometers in the largest and most forbidding deserts on the planet. In line with the competition's ethos I've tried to use the interest the races generate to help raise awareness and support for Little Lambs.
This year I face my greatest challenge - a 6 day, 250km self-supported foot race in Antartica. Sixty individuals representing nearly thirty countries are expected to compete in over terrain that will be largely snow (from a few centimeters to a meter deep) with temperatutes as low as -20 °C.
I'm hoping to raise R 200 (about $ 20) for every kilometer I run - raising R 50,000 in total for this beautiful and important project.
I can't vouch for the security of the donations site. But if you're not comfortable to leave your CC details in there, please contact me and I'll give you details for a direct transfer. Please don't hack them though ... that's not what Jonny meant with 'I Hack Charities'.
Here are all the links:
1. Little Lambs - http://www.littlelambs.org.za/
2. The 'Help Lambs Run' Facebook page, where I post news and updates - http://www.facebook.com/HelpLambsRun
3. Racing the Planet - http://www.4deserts.com/thelastdesert/
4. Donations site (for donating, not hacking) - http://www.doit4charity.org.za/fundraising/Charl.van.der.Walt
Shane Kemp, Daniel Cuthbert and Dominic White will be promoted to Global Sales Manager, Chief Operations Officer and Chief Technology Officer respectivley and will join SensePost's senior leadership structures, effective 01 October 2012.
The three new c-levels, along with a number of other emergent leaders, will be commencing a training and development program spanning a number of months as they gradually assume their new responsibilities.
These appointments follow on recent promotion of Yvette du Toit to Business Development Manager for the Africa region, Rogan Dawes as Assessments Manager as well as Behrang Fouladi and Ian de Villiers to our recently established Research Division (more on that to come).
We have a vision to build a dynamic global business that will impact our clients and the community in general in a lasting and meaningful way. To achieve that we need to attract the best people in the game and give them every opportunity to develop, to achieve and ultimately to make their mark on our business and our industry. These appointments will not only stretch and challenge these three guys and their teams, it will also optimally position SensePost to leverage of its current position of strength to redefine itself, innovate and grow.We were looking for a new generation of leaders who not only had the required skill and experience, but who also represented our company's core values of honesty and integrity combined with technical excellence and passion a for information security. We believe that in this team we have that. We expect that over time the new leaders will bring their own unique style to the way SensePost is run, but we're confident that the technical, business and ethical values that have characterized us as a company over the last 13 years will remain intact.
We're proud of them all and wish them the best of luck!