Meet Threat Detection Engineering Expert at DeepSeas, Dan Rossell
April 28, 2023
We had the pleasure of interviewing a threat detection engineering expert at DeepSeas, Dan Rossell, CEH, CASP, CCNA, CCNP, CISSP, GCIH, GCFA, GREM, GICSP, GPEN. In the interview below, Dan shares what drew him to the cyber defense industry and his role at DeepSeas.
Hi, Dan. Can you share a bit about what drew you to a threat detection engineering expert role in the cyber defense industry?
I’ve always enjoyed taking on technical challenges and finding solutions to hard problems. Cyber defenders have to be right 100% of the time, and I enjoy looking for new and innovative ways to detect malicious activity.
As a Threat Detection Engineering Director at DeepSeas, I lead a talented crew that is responsible for tracking malware families and cyber threat actors, as well as developing new detections to expose malicious activity across an array of environments with varying defensive tools.
How does your threat detection engineering expertise enhance the DeepSeas ability to protect customers?
In my 18 years as a cyber security professional, I have worked in a variety of both offensive and defensive cyber roles. I spent 13 years as a cyber space operations officer in the U.S. Army and have since spent another five years in various roles in commercial cyber defense.
I understand how Advanced Persistent Threat (APT) and nation-state actors operate, as well as the level of detail needed to successfully stop them. I am a big proponent of threat-informed defense. All of our threat detection engineering efforts are focused on expanding the detection coverage that the DeepSeas Platform offers to our clients.
For example, the behavioral detections and advanced correlation capabilities we have implemented in the DeepSeas Platform routinely lead us to detecting new malware campaigns and attacks before they are publicly known. Most recently, our DeepSeas crew identified and reported a novel variant of Qakbot that utilized malicious Microsoft OneNote files.
What single piece of advice would you share with a CISO to improve her/his organization’s cyber defense posture?
You can’t defend what you don’t know about. Knowledge of your environment and your attack surface is paramount to protecting an enterprise.
We’re fortunate to have Dan as a Director of Threat Detection Engineering at DeepSeas and thank him for sharing a bit about his expertise. Come back to meet more of our DeepSeas cyber security experts in future issues of our “Meet Our Deeps” series.