Interview with Sunil James, Manager of iDEFENSE's Vulnerability Contributor Program
by Mirko Zorz - Tuesday, 1 April 2003.
Sunil James manages iDEFENSE's Vulnerability Contributor Program (VCP). He is a member of the company's Technical Intelligence team. Sunil joined iDEFENSE in July 2000, and has worked in various capacities - both technical and non-technical - throughout the company. Previous to iDEFENSE, he has worked at the US State Department, the Council on Foreign Relations, Johns Hopkins University, and Pinkerton Global Intelligence Services. He is currently pursuing his CISSP certification.

Introduce iDEFENSE. When was the company started? How did it evolve?

iDEFENSE is the only remaining independent security intelligence provider in the market today. The company was founded in 1998, committed to applying traditional intelligence-gathering techniques to provide clients with comprehensive and actionable security intelligence. Based on that vision, a team of former military intelligence personnel and computer security experts was built to address the emerging challenges of the cyber landscape.

What security services do you offer?

iDEFENSE's family of security intelligence products provides advanced warning and analysis of threats to our clients' critical information infrastructure. However, our analysts go well beyond technical vulnerabilities and virus attacks to evaluate the impact of hackers, incidents, geopolitical aspects, legal implications and policy decisions on information networks, applications and systems. Our product suite provides decision-makers and frontline security professionals with near real-time access to 15,000 actionable intelligence reports on cyber threats in an easy-to-read, organized format. The products are broken up into the following:

iMONITOR: Uses analysts to develop a custom intelligence collection plan that can include such topics as the misuse of company trademarks, negative press, cyber squatters, protest or conspiracy websites and publicly/privately available details of your network infrastructure. Reporting is immediate (as required), weekly and/or quarterly.

iPOWER: Provides a robust and extremely granular view of vulnerabilities and exploit code that can be easily added to databases, products or services. Data is often fully tested and verified by iDEFENSE Labs and in consultations with affected vendors. Discovered underground exploit code and IDS signatures are also available. iPOWER also covers proactive monitoring and "infiltration" of hacker and virus authoring groups in an effort to glean information well ahead of an active threat.

iAWARE: Our iAWARE weekly reports provide users with security best practice information designed to reinforce or support your organization's existing security policy. iAWARE reports are a valuable tool in the fight against intrusions and malicious code infections. Researched and written by iDEFENSE's security experts, these reports combine industry-leading best practices with easy-to-follow instructions on avoiding widespread damage from emerging cyber threats. iDEFENSE provides intelligence-driven desktop services that allow your organization to avoid or mitigate attacks on computer networks and information assets before they occur.

What do you see as your advantages in the marketplace?


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th