Organizations

@OpenRCE @InQuest
pedramamini/README.md

Biography

Currently, Pedram focuses the majority of his time on InQuest (https://www.inquest.net). InQuest delivers two key technologies: Deep File Inspection (DFI) for real-time threat detection and "RetroHunting", a novel approach that leverages the power of hindsight to apply today's threat intelligence to yesterday's data. It is commercially available as a SaaS email security add-on for Google Workspace (GSuite) / Microsoft O365, as a high-throughput on-premise network appliance, or via API. InQuest excels at malware analysis at global scale; you can follow our research efforts and tap into an ever-fresh source of data at our open research portal: https://labs.inquest.net

Pedram holds a computer science degree from Tulane University with minors in business, robotics, and mathematics. He began his professional career in 2002 as one of the founding members of iDEFENSE Labs, a security start-up in the Washington DC metro area which was acquired by Verisign in 2005. At iDEFENSE he architected and managed the Vulnerability Contributor Program (VCP) which consisted of a network of over 1,000 independent security researchers worldwide.

In 2005 Pedram moved to Austin, Texas to create the Zero Day Initiative (ZDI, http://www.zerodayinitiative.com) under the network security company TippingPoint. Similar to the VCP, the ZDI is a program for rewarding independent researchers for responsibly disclosing security vulnerabilities. This program has grown to be the largest and most successful of its kind. In the 5 years that Pedram ran the program, it unearthed and helped patch over 1,100 critical security flaws with contributions from over 1,600 researchers worldwide, and that trend continues today. TippingPoint was acquired by 3Com and later Hewlett-Packard.

After the HP acquisition in 2010, Pedram founded and developed Jumpshot (archived website, Kickstarter launch), a consumer product for out-of-band malware removal. A unique software solution, Jumpshot differed from typical malware removal products in that the potentially infected computer was actually turned off: Jumpshot then took control of the system hardware and cleaned viruses and other undesirables from a forensic viewpoint, with crowd-driven support from the cloud. A portion of the system was granted US patent #8812832. Jumpshot was unveiled from stealth mode in July of 2012 on the crowdfunding site Kickstarter. Soon after the software was released to the general public, driven by excellent reviews of the product's efficacy, Jumpshot was acquired by Avast. In September of 2013 Jumpshot was re-branded as GrimeFighter. (Please note, this is not the infamous data sciences firm Jumpshot.)

Pedram authored "Fuzzing: Brute Force Vulnerability Discovery", has presented at BlackHat, DefCon, RECon, Ekoparty, Microsoft BlueHat, ShmooCon, ToorCon and Virus Bulletin, and has taught numerous sold-out reverse engineering courses. His most recent in-person presentation was at BlackHat USA 2019:

Worm Charming: Harvesting Malware Lures for Fun and Profit

Recent blogs (@InQuest):

Publications and Citations

Fuzzing: Brute Force Vulnerability Discovery

Method and system of using a non-native operating system for scanning and modifying system configuration data of a native operating system

OpenRCE: Open Reverse Code Engineering Community

Citations

Code

Digging Deeper

For an older talk that is of particular interest to the vulnerability and exploitation markets and their history, see his presentation from EkoParty Buenos Aires 2009 titled "Mostrame la guita! Adventures in buying vulnerabilities" ("Mostrame la guita" is Argentine slang for "Show me the money"):

If you want to take a gander at a much younger, albeit fatter, Pedram, he is archived here unveiling the Paimei reverse engineering framework at the first RECon conference in Montreal.

Pinned

  1. InQuest Labs: Trystero Project - Google vs Microsoft

     #!/bin/env python

     """
     Leverage the open API from labs.inquest.net to query the Trystero project data and compare which vendor, between
     Google and Microsoft "won" the most days from the given YYYY-MM-DD to now. Example:

  2. InQuest Labs Rule Generator

     #!/opt/research/venv/bin/python

     """
     IQ Auto DIFF leverages InQuest Labs API to collate a list of post DFI string features from both malicious (bad) and
     seemingly benign (non) files. While ignoring gibberish, we'll next identify the string features exclusive to each set.

  3. InQuest Labs Daily Sample Harvest

     #!/bin/env python

     """
     This script is intended to be run via a daily cron job and will retrieve up to MAX_DAILY interesting samples with
     relevant JSON metadata containing extruded layers, IOCs, etc.

  4. paimei (Public, forked from OpenRCE/paimei)

     A reverse engineering framework written in Python that I developed but no longer maintain.

     Python, 15 stars, 5 forks

  5. sulley (Public, forked from OpenRCE/sulley)

     A pure-python fully automated and unattended fuzzing framework which I wrote but no longer maintain.

     Python, 5 stars, 1 fork

  6. lazy-cd (Public)

     Path bookmarking for bash. I use this extensively throughout my day.

     Shell, 20 stars, 1 fork
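The "IQ Auto DIFF" idea sketched in the Rule Generator preview above (collate string features from a malicious set and a benign set, ignore gibberish, keep what is exclusive to each side) as an added, offline example. This is not the gist's code and does not call the InQuest Labs API: the per-file string lists are constructed sample data, and the gibberish heuristics (minimum length, alphabetic ratio, Shannon entropy cap on long strings), the 50% prevalence threshold and the `yara_rule` renderer are assumptions made here for illustration.

```python
"""
Added example (not the gist's own code): offline string-feature auto-diff
in the spirit of "IQ Auto DIFF". Inputs are per-file lists of extracted
strings; gibberish is dropped, then strings exclusive to the malicious
("bad") set or the benign ("non") set are reported, and the bad-only set
is rendered as a YARA rule skeleton. All thresholds and sample data below
are assumptions constructed for illustration, not InQuest Labs output.
"""
import math
from collections import Counter

# Constructed sample input: one list of string features per file.
BAD_FILES = [
    ["WScript.Shell", "powershell -enc", "http://evil.example/dl.php",
     "x9$q!z", "Microsoft Word"],
    ["WScript.Shell", "powershell -enc", "AutoOpen",
     "QxZvKpLmNrTyWbHgJdFs", "Microsoft Word"],
    ["powershell -enc", "AutoOpen", "http://evil.example/dl.php",
     "Document", "kjhg7^&"],
]
NON_FILES = [
    ["Microsoft Word", "Document", "Table of Contents", "zz@1#"],
    ["Microsoft Word", "Summary", "Table of Contents", "Document"],
]


def shannon_entropy(s: str) -> float:
    """Bits per character of the string's character distribution."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def is_gibberish(s: str, min_len: int = 4, min_alpha_ratio: float = 0.6,
                 max_entropy: float = 4.0) -> bool:
    """Heuristic noise filter (thresholds are assumptions): reject strings
    that are too short, symbol/digit heavy, or long and near-random."""
    if len(s) < min_len:
        return True
    alpha = sum(ch.isalpha() for ch in s)
    if alpha / len(s) < min_alpha_ratio:
        return True
    if len(s) >= 16 and shannon_entropy(s) > max_entropy:
        return True
    return False


def collect_features(files):
    """Count, per distinct non-gibberish string, how many files contain it."""
    counts = Counter()
    for strings in files:
        for s in set(strings):          # count each string once per file
            if not is_gibberish(s):
                counts[s] += 1
    return counts


def exclusive_features(bad_files, non_files, min_prevalence=0.5):
    """Strings seen in only one set and in at least min_prevalence of its files."""
    bad = collect_features(bad_files)
    non = collect_features(non_files)
    only_bad = {s: c for s, c in bad.items()
                if s not in non and c / len(bad_files) >= min_prevalence}
    only_non = {s: c for s, c in non.items()
                if s not in bad and c / len(non_files) >= min_prevalence}
    return only_bad, only_non


def yara_rule(name, strings, min_match=2):
    """Render a YARA rule skeleton from bad-only strings (review before use)."""
    min_match = max(1, min(min_match, len(strings)))  # "N of them" needs N <= count
    lines = [f"rule {name}", "{", "    strings:"]
    for i, s in enumerate(sorted(strings)):
        escaped = s.replace("\\", "\\\\").replace('"', '\\"')
        lines.append(f'        $s{i} = "{escaped}" ascii wide')
    lines += ["    condition:", f"        {min_match} of them", "}"]
    return "\n".join(lines)


if __name__ == "__main__":
    only_bad, only_non = exclusive_features(BAD_FILES, NON_FILES)
    print("bad-only:", only_bad)
    print("non-only:", only_non)
    print(yara_rule("auto_diff_demo", only_bad))
```

With the constructed input the bad-only set is the four macro and downloader strings and the benign-only set is "Table of Contents" and "Summary"; "Microsoft Word" and "Document" appear on both sides and are dropped, which is the point of diffing against a benign corpus rather than signing on whatever is common in malware. The escaping in `yara_rule` covers only backslashes and quotes, so non-printable bytes in real extracted strings should be emitted as YARA hex strings instead, and the thresholds need tuning against real post-DFI feature volumes before any emitted rule is deployed.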