Join us for the Honeynet Workshop 2024: May 27th–29th, Copenhagen, Denmark

Interview with our new CEO Andre Ludwig

22 Oct 2015 Leon van der Eijk meet-our-new-ceo-andre

1. Hello Andre and congratulations on getting the CEO job ! Can you please tell us a bit more about yourself. What is your background for instance ?

Oh where to start? I have been in the security field for the last 15 or so years, doing various things like running IT/security for small mortgage companies, being a pentester/audit consulting type, doing front line IDS/IR work for large global infrastructure providers, as well as building custom detection systems and analysis tools for large commercial orgs. Beyond my work life I have been heavily involved in the security community as and individual as well as part of non profits in the past. I have had a tremendous amount of fun participating in and instigating (in some case) large botnet/malware interdiction efforts including conficker, koobface, waledec, storm, dnschanger, and others. Those efforts were all exciting and amazing opportunities to work with others to figure out how those threats works and come up with ideas on how to disrupt them while raising awareness of the threat they posed.

2. Where you involved in the HnP before ? If so what chapter ?

I have floated around the HnP for a long while, but due to limited extra time and my previous focus on working with other non profits in the space I did not have much time to contribute or pursue full membership. I am extremely excited to now be in a position where my sole focus is on HnP and driving new ideas to reality and handling the day to day and week to week work of the organization.

3. How did you get into honeypots in the first place ?

The short version is it was a natural progression of trying to learn and understand what attackers were doing so I could properly defend against the threat they post.  A recent example of this from my day job was when my team created and released an open source honeypot that allowed us to completely understand what one group of attackers was doing when attacking elastic search instances. With out the continual feed of data that our honeypot produced on what the attackers were doing, what vulnerabilities they were exploiting, and which malware they were using we would have lacked a tremendous amount of understanding.  It is that knowledge that honeypots and similar capabilities deliver that are so important to defenders.  Which is no doubt why in the larger security industry we are seeing more companies focusing their attention on this type of capability for products and services they offer to their customers.

Our elastic search honeypot:
https://github.com/Novetta/delilah

The report it helped produce:
http://www.novetta.com/wp-content/uploads/2015/06/NTRG_ElasticBotnetReport_06102015.pdf

4. What are your ideas for the future for the HnP ?

How much time do you have? ;)

Joking aside what one of my main efforts will be is finding creative ways to increase the amount and types of security research being done by the organization and its members.  I also want to find ways to help identify, bring into HnP, and build new talent that can help us build more innovative ideas into “the new normal” for industry.

I think as an organization we have a really solid reputation for doing that in the past so I want to make sure that we continue to build on that reputation in a quantifiable and meaningful way.  The best way I can think to do that is to try and find ways to enable HnP to increase its delivery on its goals of research, raising awareness of threats, fighting malware threats, and delivering tools to the larger community to help accomplish those goals. So figure in the future there will be lots of internal discussions on topics related to this!

5. Any words for your predecessor ?

I now stand on the shoulders of giants that came before me.

I really am looking forward to working with the Angelo and Christian, the existing BOD, and all the members who have been a part of this organization.  The folks who have gotten the organizations to this point are some of the very folks who will be critical to moving new ideas forward to success.  It truly is an honor to join the heritage of an organization like this one that has been responsible for so many important contributions to the security community and the industry that grew up around it. I look forward to making the impossible a reality with all our members and friends!

Thank you Andre and all the best in running this great project !

Leon van der Eijk

Chief PR Officer