Amit started his professional career in 1998 at the Israeli information security consultancy Comsec as a Unix and Internet Application consultant. In 2001 he moved to the US to work as a software architect at Praxell (later to be acquired by Datavantage,[19] and then Micros).
On 2004 Amit left the US to co-found Israeli startup BeeFence and served as its chief technology officer. Then in 2006 he took position as the director of security research at the security vendor Finjan, and a similar position in 2008 with Aladdin Knowledge Systems.
He then set out to serve as the vice president of consulting with Security-Art, and in 2012 took a position as director of services with the security consulting firm IOActive.
Starting in 2014 he served as vice president of the social media cyber security startup ZeroFOX, after which in 2016 he became a manager with Amazon.com information security. Since 2018 he is serving as the chief security officer of Cimpress.
He serves as a general director of the board of BSides Las Vegas, a Senior Advisory Board member of Axon Cyber, and an Advisory Board member of ZeroFOX.
Since 2022, he co-founded and serves as CEO of Gomboc.ai,[20] a deterministic AI cloud security startup and raised over $5 million in a venture capital round.[21]
Research
During his career, Amit focused his research on varying topics ranging from uncovering the business elements of cybercrime,[22][23] through connecting state sponsored activities with criminal ones.[24] He has contributed to one of the first research papers conducted on the Stuxnet worm,[25] and was featured on the cover of the inaugural Pentest Magazine about the Penetration Testing Execution Standard (PTES).[26]
He also co-authored research with Aviv Raff on Windows Vista's inherently insecure Widgets,[27] which were later removed from the operating system.
In 2011, Amit and Itzik Kotler presented at DEF CON, demonstrating how a bot master could communicate with botnets and with "zombie machines" using VoIP conference calls. Their open-source software, Moshi Moshi, illustrated how they could send instructions to and receive data from botnets and infiltrated networks using any phone line (including payphones).[28][29] This research was also based on his original research into advanced data exfiltration, in which he uncovered a method for side-channel data exfiltration[30] through various channels - including phone lines and fax machines, and released an open source tool for it[31]