Alexander Heid
Alexander Heid | |
|---|---|
| Occupation(s) | Chief Research Officer of SecurityScorecard, Hacker |
| Organization(s) | SecurityScorecard, HackMiami |
Alexander Heid is an American computer security consultant, white hat hacker, and business executive.
Heid is a co-founder of the South Florida hacker conference and hacker group known as HackMiami,[1] and currently serves as the chief research officer of the New York City information security firm SecurityScorecard.[2]
Early life and education[edit]
Alexander Heid grew up in Miami, Florida and attended Barbara Goleman Senior High School.[3]
Career[edit]
Alexander Heid currently serves as chief research officer of the New York City information security firm SecurityScorecard. Heid joined the company in 2014, working directly with Aleksandr Yampolskiy and Sam Kassoumeh to develop the signal collection methodologies that powers the cyber threat intelligence and third party management aspects of the platform.
Heid is documented as being one of the first researchers to attribute the Equifax data breach to a vulnerability in Apache Struts 2 within the first hours of the breach announcement.[4][5]
Prior to SecurityScorecard, Heid was the head of threat intelligence at Prolexic. Heid developed counterattack and neutralization methodologies against DDoS campaigns by discovering vulnerabilities in the attacker's botnet command and control servers.[6]
During the time at Prolexic, Heid was involved in the defense and mitigation of the Operation Ababil campaigns that were targeting the financial sector.[7][8]
Additionally, Heid has held senior security roles within the banking industry, specializing in web application vulnerability analysis and botnet cyber threat intelligence. Heid has given multiple presentations at hacker conferences demonstrating exploitable vulnerabilities within crimeware applications that can be leveraged by white hat researchers for the purposes of attribution and threat neutralization.[9][10]
Heid is also the author of the 2013 cryptocurrency threat intelligence report, "Analysis of the Cryptocurrency Marketplace," which was the first forensic report about malware threats relating to blockchain technologies. The report is ranked as one of the Top 1000 'Most Cited Blockchain Publications' by BlockchainLibrary.[11][12]
References[edit]
- ^ Kushner, David. "The Geeks on the Front Lines". RollingStone.
- ^ "SecurityScorecard Leadership". SecurityScorecard Leadership.
- ^ Banham, Russ. "Spy on Spy: Hacking into the Darknet". RussBanham.com.
- ^ McLannahan, Ben. "Equifax flaws exposed by hack attack". FT.com.
- ^ Warren, Elizabeth. "Letter to Richard Smith re: Equifax Hearing" (PDF). Senate.gov.
- ^ Goodin, Dan. "White hats publish DDoS hijacking manual, turn tables on attackers". ArsTechnica.com.
- ^ "PLXSERT - DDoS Attacks Against Global Markets".
- ^ "Prolexic Quarterly Global DDoS Attack Report - Q2-2013" (PDF).
- ^ Heid, Alex. "The Next HOPE (2010): Modern Crimeware Tools and Techniques: An Analysis of Underground Resources". YouTube.com.
- ^ Heid, Alex. "HOPE Number Nine (2012): Crimeware Tools and Techniques of 2012: Past, Present, and Future". YouTube.com.
- ^ "Most Cited Blockchain Publications". BlockchainLibrary.com.
- ^ Heid, Alex. "HackMiami: Analysis of the Cryptocurrency Marketplace (2013)" (PDF). HackMiami.org.