The focus of our research is to find new ways to take data and turn it into actionable information. Those responsible for network and infrastructure protection need to respond to events—especially threats—as they arrive, and speed is often critical. Unfortunately, sifting through mountains of data can be closer to finding a needle in a haystack. Through visualization techniques, threat modeling, analytics, and application security methods, we develop ways to quickly process that data and let the professionals do their jobs—or prevent the threats from becoming attacks in the first place.
Whatever problem domain we are addressing, our research is always focused on real users struggling with real-world problems. From corporate security offices to cyber warriors, our mission is to ensure that the work we do today will meet their needs and improve their effectiveness now—not ten years down the road. We achieve this by simply making them part of the entire process, from the very start through successful transition:
When we solve a problem, we don’t want the solution to gather dust; we aren’t in the business of making shelf-ware. After we have completed the R&D, we work diligently to transition the technology into operational use. This can mean commercialization, open-sourcing , or publishing the results so that the rest of the cyber community can benefit. We intend our projects to be used. We are currently partnered with Code Dx, Inc. to transition our application security R&D into commercial tools, and to maintain and update open source technologies (such as Code Pulse) developed by Secure Decisions.