JASK expands cyber threat hunting ‘SpecOps’ team

JASK revealed the expansion of its threat-hunting-as-service offering, JASK Special Operations. Based on customer demand since its launch in May 2018, JASK deepened the team’s talent with the addition of threat hunters, incident responders and researchers from organizations including IBM X-Force, RiskIQ and the U.S. Department of Defense (DoD).

JASK SpecOps augments clients’ existing cyber staff to reduce the time-to-value for the JASK ASOC platform while empowering teams with resources to apply the latest tactics, techniques and procedures to defend critical assets from advanced cyberattacks. The service has grown 500 percent since its introduction in May, and the team currently conducts about 50 investigations per month, of which 15 percent are ruled active incidents.

The JASK SpecOps team is comprised of cyber units across cybersecurity companies and U.S. government organizations. Members include:

• Kevin Stear is the lead threat analyst and founding member of JASK SpecOps. Kevin is responsible for the team’s day-to-day operations which include threat hunting, related research, and strategic and tactical analytic/logic creation. A 17-year veteran of the DoD, Kevin was previously on the RSA FirstWatch team and held a key information security role with Aetna.
• Darren Spruell, senior threat analyst, was a threat researcher with RiskIQ and brings experience using intelligence-driven countermeasures to help customers build defensible environments and instruments that provide visibility and control.
• Brian Gardiner, senior threat analyst, previously worked as a senior incident response analyst with IBM X-Force IRIS and at Aetna as the information security advisor for the Security Data Analytics team.
• Greg Longo, senior threat analyst, has cybersecurity experience in both the public and private sectors. Greg has been with the U.S. Air Force and Air National Guard since 2002 and currently serves as a Communications Squadron Commander. Prior to JASK, Greg was the global threat management lead at Covestro and held a number of technical positions at CERT, part of the Software Engineering Institute at Carnegie Mellon University.
• Ellie Soto, threat analyst, brings over seven years of experience with the DoD as a digital network vulnerability analyst. Part of Ellie’s tenure with the DoD was held while deployed in Afghanistan and while stationed at Fort Meade in Maryland.
• David McEwan, threat analyst, has over 10 years of experience in cybersecurity with previous positions in healthcare and financial services. Prior to JASK, David worked as a senior security operations specialist for Akamai Technologies, where he was involved in mitigating a number of high-profile campaigns targeting a broad spectrum of industries.
• Matrixed team members include Rod Soto, director of security research and board member of HackMiami; Ben Norton, an engineering resource; as well as Daniel Smallwood and Carlos Castillo of Threat Engineering, a team dedicated to creating and delivering the emerging threat content to the product.

“As more of our customers bolster their investment in the JASK ASOC platform by taking advantage of the SpecOps service, it’s exciting to see the team grow with the addition of such extraordinary talent,” said Greg Martin, JASK CEO and co-founder. “This elite team of threat hunters continues to offer JASK ASOC customers a new level of value by employing the latest tactics and techniques to defend customers’ critical assets from advanced cyberattacks.”

For a flat subscription fee (20 percent of software licensing costs), the SpecOps team works directly with JASK ASOC customers to derive increased value from the platform, as well as share best practices and intelligence on emerging threats. The full range of SpecOps customer benefits include:

• Active hunting and notification services,
• Routine collaborative hunting sessions,
• Root cause and malware analysis,
• Incident investigation, mitigation, and recovery support,
• Custom incident and threat assessment reports,
• Behavioral and discrete content creation,
• Access to crowdsourced JASK threat intelligence.

“As a long-time customer of JASK, we’ve always been impressed with the unheard of level of customer support the team offers us,” said Lewis Brodnax III, chief security officer, GreenSky.

“With the volume of traditional alerts growing exponentially, we can’t possibly train enough staff to manage the deluge of data, but the artificial intelligence capabilities of the JASK ASOC platform have made my security team more effective than ever before. We’re now excited to work side-by-side with JASK SpecOps to further strengthen our team and benefit from the knowledge of some of the best threat hunters in the industry.”