Farsight Security COO Alexa Raad: ‘Be Your Own Champion’
Alexa Raad is chief operating officer of Farsight Security, based in San Mateo, California. Farsight Security is a provider of real-time actionable Internet threat intelligence solutions.
In this exclusive interview, Raad discusses methods of curbing cybercrime by tracking bad actors through the trails they leave in the domain name system. She also offers some encouraging advice to women and girls interested in breaking into the cybersecurity field.
Farsight Security COO Alexa Raad
Chief Operating Officer
TechNewsWorld: What is Farsight Security’s mission?
Alexa Raad: We believe that everyone is entitled to a safer Internet, and so everything we do starts out with that mission in mind. What we do is provide Internet defenders with very valuable data that they can use to get some context around nefarious acts.
As an example, if you think about Internet threats like phishing and botnets and malware — all of those start with a DNS — a domain name system. And so every kind of nefarious act leaves footprints and fingerprints in the DNS. That’s something that cannot be faked. We provide information that is contextual.
To give an example, a lot of the new domain names that are registered are typically registered with bad intent, meaning criminals are going to use them to commit some sort of act, like phishing attacks, etc. When a domain name is registered, it’s fine, but when traffic starts going to those sites, it becomes much more dangerous.
When people start actually going to a phishing site, it raises the threat level. We have a global sensor network that picks up these resolutions. We collect this data, but without any personally-identifiable information, which is important.
That information allows people to see what’s actually got some traction, and we also add additional information for guilt by association. If a phishing site is actually hosted where there are lots of other bad actors or bad sites, that provides you with some context. You start to follow that and get a better picture of that attack than you would otherwise.
We provide real-time and historical information, and both are contextual. The real-time data is important, because you have to fight these battles in near real time. The historical information is important because you want to know if this was the first time we ever saw this URL or domain name. A lot of these patterns repeat themselves. It is unlikely that a site was bad six months ago and all of a sudden it’s reformed. Having that contextual information is important.
TNW: Why do you have a passion for cybersecurity? Why do you think it’s an important and vital field?