avatar

Matt Suiche

Cybersecurity Researcher

Hi there! I’m Matt Suiche, Director of Incident Response R&D at Magnet Forensics (MAGT:TO), an organization aiming to seek justice and protect the innocent, after they acquired my cybersecurity start-up Comae Technologies in 2022. Before founding Comae, I was the Chief Scientist and Co-Founder at CloudVolumes (NASDAQ:VMW). I’m also the founder of the cybersecurity community project OPCDE.

I have always had a passion for learning new things and understanding how they work. I first got acquainted with cybersecurity through reverse engineering as a teenager, which fueled my deep curiosity for tech. Since then, I’ve studied various technologies such as operating systems architecture, programming languages, virtualization, modern web application development, generative art, and multiple domains of privacy and surveillance, forensics, blockchain, community development, etc.

Latest

Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies

Magnet Forensics, a developer of digital investigation solutions for more than 4,000 enterprises and public safety organizations in over 100 countries, announced the acquisition of the strategic IP assets of Comae Technologies. As part of the acquisition, Comae founder Matt Suiche will lead a memory analysis and incident response research and development team at Magnet Forensics, where he will further develop a memory analysis platform and integrate the technology into the company’s existing solutions.

SUNBURST & Memory Analysis

The recent SolarWind’s hack which resulted in a backdoor version of their SolarWind Orion product which counts 33,000 customers has been all over the news in the past few weeks - most things have been said and repeated, although there are few notes that I mentioned on Twitter which I would like to compile in a blogpost for perenniality. First of all, I would like to point out to the presence in the backdoor process blacklist (the full list can be found on Itay Cohen’s repository) of several processes that can be used for either:

Azure Sphere Internals - Overview

GitHub Repository: https://github.com/msuiche/ruby-square Introduction 🔗In May, Microsoft announced a bounty for their new IoT platform called Azure Sphere. The interesting part about it is that it’s created with security in mind, which is a much needed initiative, so we decided to take a look. While we didn’t find any issues worth reporting, we thought it would be a waste not to share what we’ve learned. Hopefully, this will be useful for others wanting to research the platform or those considering to use it for their projects.