Matt Suiche

Matt Suiche
Suiche presenting a talk at a conference
Matt Suiche.
Born (1988-09-22) 22 September 1988 (age 36)
NationalityFrench
Known forComputer security
Memory forensics
Virtualization
Scientific career
FieldsComputer science
Websitewww.msuiche.com

Matthieu Suiche (born September 22, 1988), also known as Matt and under the username msuiche, is a French hacker and entrepreneur. He is widely known as the founder of MoonSols and co-founder of CloudVolumes, which was acquired[1] by VMWare in 2014. In March 2014, Suiche was highlighted as one of the 100 key French developers in a report[2] for French minister Fleur Pellerin.

Career

Suiche is best known for his work in the memory forensics and computer security fields. His most notable research contributions include Windows hibernation file[3] analysis and Mac OS X physical memory analysis.[4]

Furthermore, he created LiveCloudKd,[5] a utility to analyze running Microsoft Hyper-V virtual machines. Microsoft Technical fellow Mark Russinovich highlighted it on his blog[6] before introducing[7] a similar feature in one of Microsoft's tools. Russinovich also said "We were so impressed that we invited Matthieu to speak about live kernel debugging and LiveCloudKd at this year’s BlueHat Security Briefings".

He is also known to have discovered multiple security flaws in multiple Microsoft Windows kernel components.[8][9] Suiche is Microsoft Most Valuable Professional in Enterprise Security.[10]

Suiche started his career as an independent security researcher by presenting his work about the Microsoft Windows hibernation file for the first time at the international conference PacSec held in Tokyo in 2007.[11] His expertise earned him an invitation from Europol to speak at their internal High Tech Crime Experts Meeting in 2008.[12][13] Between 2009 and 2010, he worked as a researcher for Netherlands Forensic Institute in The Hague. He then founded MoonSols, a company specializing in memory forensics and incident response.

Suiche was also contributor[14] of the Samba project during the Google Summer of Code in 2008, where he was in charge of implementing the new compression algorithms used by the networking protocols.

In 2011, Suiche founded CloudVolumes (formerly SnapVolumes[15]) a California-based virtualization management product company where he served as a Chief Scientist.[16] Company was acquired by VMware in 2014.[17][non-primary source needed]

In 2016, Suiche founded Comae, is a UAE-based cybersecurity company that specializes in cloud-based memory analysis used to recover evidence from the volatile memory of devices. Company was acquired by Magnet Forensics in 2022.[17][non-primary source needed]

Conferences

Suiche also had been a frequent speaker at various computer security conferences such as Black Hat Briefings,[18][19] Microsoft Blue Hat Hacker Conference,[20] Shakacon, Hackito Ergo Sum, Europol High Tech Crime Experts Meeting, CanSecWest,[21] PacSec,[22] Hack In The Box, SyScan[23] and Shakacon.

He is on the board of Program Committee of Shakacon security conference, and one of the founders of Hackito Ergo Sum security conference in Paris.

The Shadow Brokers

The Shadow Brokers is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools, including several zero-day exploits, from the "Equation Group" who are widely suspected to be a branch of the National Security Agency (NSA) of the United States. Suiche spoke at the BlackHat about The Shadow Brokers’ saga, the large Vegas-based cybersecurity conference and after his presentation the TSB posted a public message stating “Hello Matt Suiche, The ShadowBrokers is sorry TheShadowBrokers is missing you at theblackhats or maybe not.”[24]

Suiche along with James Bamford speculated that an insider, "possibly someone assigned to the [NSA's] highly sensitive Tailored Access Operations", stole the hacking tools.[25]

Pwnie Awards 2013

In 2012, Suiche was one of the security researchers (along with several other well-known security researchers) who submitted a bogus article[26] entitled "Nmap: The Internet Considered Harmful - DARPA Inference Checking Kludge Scanning" to Hakin9 Information Security Magazine. This article has been used as a social proof to demonstrate the lack of relevance and expertise of certain media dedicated to Information Security, but also to criticize spamming techniques used by media in order to generate quantity-oriented data rather than quality-oriented information. The following year, this article resulted in being awarded the 2013 Pwnie Awards[27][28] attributed to Hakin9 under the "Most Epic FAIL" category.

Awards and recognition

  • 2009-2015, Microsoft Most Valuable Professional.[10]
  • 2014, One of the 100 top key developers in France.[2]

Bibliography

  • Debugged! Mz/Pe: Magazine For/From Practicing Engineers by Dmitry Vostokov, Matthieu Suiche and Roberto Alexis Farah, OpenTask ISBN 1-90-671738-9, 2009

See also

References

  1. ^ "VMware Acquires CloudVolumes". 2014-08-20. Retrieved 2023-05-29.
  2. ^ a b "Les développeurs, un atout pour la France" (PDF). Retrieved 2023-05-29.
  3. ^ "Windows hibernation file for fun and profit" (PDF). Retrieved 2023-05-29.
  4. ^ "Advanced Mac OS X Physical Memory Analysis" (PDF). Retrieved 2023-05-29.
  5. ^ "LiveKd for Virtual Machine Debugging". 2019-06-27. Retrieved 2023-05-29.
  6. ^ "LiveKd for Virtual Machine Debugging".
  7. ^ "LiveKd 5.0 for Hyper-V Debugging Released to Windows Sysinternals". Retrieved 2023-05-29.
  8. ^ "Microsoft Security Bulletin MS10-048 - Important". Retrieved 2023-05-29.
  9. ^ "Microsoft to thank Google researcher for privately reporting Windows bugs". Retrieved 2023-05-29.
  10. ^ a b "Matthieu B. Suiche". Retrieved 2023-05-29.
  11. ^ "Information Security News: PacSec 2007 Agenda (Tokyo 11-29/30)". Retrieved 2023-05-29.
  12. ^ "High Tech Crime Experts Meeting". Archived from the original on January 2, 2009.
  13. ^ "Europol High Tech Crime Expert Meeting - Matthieu Suiche's blog !". www.msuiche.net. Archived from the original on 25 January 2009. Retrieved 14 January 2022.
  14. ^ "git.samba.org - samba.git/search". git.samba.org.
  15. ^ ""CloudVolumes Delivers Industry's First Instant Workload Management Solutions to Reduce Complexity, Increase Efficiency and Provide Mobility within the Datacenter and Cloud"". Archived from the original on 2014-02-22.
  16. ^ "SnapVolumes Secures $2.3 Million Seed Financing to Redefine Application Deployment and Management of Virtual Desktops, Servers". Archived from the original on 2014-02-22.
  17. ^ a b "Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies". Retrieved 2023-05-29.
  18. ^ "Black Hat ® Technical Security Conference: DC 2011 // Speaker Bios". www.blackhat.com.
  19. ^ NetworkWorld, Quirky moments at Black Hat DC 2011 Archived 2014-02-27 at the Wayback Machine
  20. ^ "BlueHat Security Briefings: Fall 2010 Sessions". Archived from the original on 2013-12-13.
  21. ^ "CanSecWest Applied Security Conference: Vancouver, British Columbia, Canada". cansecwest.com. Archived from the original on 2014-02-22.
  22. ^ PacSec
  23. ^ "Hội thảo bảo mật SyScan 2010: Nhiều chủ đề hấp dẫn". Archived from the original on 2014-02-22.
  24. ^ "Meet the French researcher the Shadow Brokers keep calling out". CyberScoop. 2017-11-02. Retrieved 2022-04-07.
  25. ^ "Commentary: Evidence points to another Snowden at the NSA". Reuters. 2016-08-22. Retrieved 2022-04-07.
  26. ^ "Experts troll 'biggest security mag in the world' with DICKish submission". Retrieved 2023-05-29.
  27. ^ "Pwnie Awards 2013 Winners: Barnaby Jack, Edward Snowden, Hakin9, Evad3rs - Slashdot". Retrieved 2023-05-29.
  28. ^ "Pwnie Award Winners 2022 – Pwnies". Retrieved 2023-05-29.