Friday, September 07, 2012

Red Sky Weekly - New Fusion Report details shift in TTP

I posted earlier this week, so this one will be a little shorter. It’s September, and time to get back to work! Red Sky works hard to create forward movement every single week, and this week was a good one.

  • Fusion Report 23 (and Beadwindow Fusion Report 001) were posted to the  portals earlier this week. The analysis was tipped from open source, but detailed a major TTP change in a prolific group, noted within about 24 hours after the shift, from a TTP the actors used for at least the last 18-24 months. This is as good (better!) than 0-day research as it showed a shift in TTPs and the new malware that goes with it. The report, because it was tipped from open sources, was made available to both the private Red Sky portal and our Private/Public portal - Beadwindow.
  • Beadwindow is doing well. We’re in our first official week of operation and have a number of State/Local and Critical Infrastructure participants, as well as two of the original founding Red Sky members who’ve opted to participate directly with government users in the new, more open portal. We’re holding orientation for the new group today, and expect to see conversations starting next week. In fact, we’ve already got one participant authoring a search/retrieval application to interface with their city’s big data project. Very exciting!
  • Threat Day! We’ve just finalized plans for next Threat Day, to be held at a member location in DC. We’ll be sending members invitations and calls for papers today. Our last went really well. I’m looking forward to this one too. Plan on cocktails at the Army Navy Club for the night before! For members reading this, please RSVP in the portal. I’ve posted details there.

From a growth perspective, I can tell we’re maturing. We had to add a ticketing system to our backend today. It doesn’t take long before we realized that not having process around workflow --as many bootstrapped startups realize quickly, creates problems in customer service. Even one is to many, and we had one today. Those who know me know I’m a process guy. I’m going to start walking through those checklists as we speak! We’re going to need it more as time goes on. We have three new companies receiving Red Sky  membership packages this afternoon!

Interested in joining Red Sky? While Founding memberships are basically filled, Founding member rates are being honored through 12/31.

Interested in joining Beadwindow? We have a government and academic rate structure to accomodate you too and Beadwindow is off to a great start! 

Drop us a note now at or

Until next week!
Have a great weekend!

Wednesday, September 05, 2012

Wow! Beadwindow is going like gangbusters!

I realize this is an out of cycle posting, but I'm really happy today. We went live with Beadwindow on Monday, and in two days:
  • We've created accounts for thirteen state and local users, three members of an ISAC SOC, two of our Red Sky Founding Members (a Global Bank and a Tech Company!), and our Red Sky analysts.
  • Our first Fusion Report was posted to the Beadwindow portal. The report offers infrastructure analysis and a major TTP shift for a prolific group of APT actors
  • Conversations have started, and are moving nicely!
I'm psyched!  Opening a portal to allow government participation looks, at least at the early (infantile) stages, as a really great P2 (private-public) interaction opportunity as few restrictions as possible (we have only three very simple rules!).