Team Member Spotlight: Daniel Folger, Security Researcher
January 05, 2021
Behind Claroty’s ability to deliver the leading industrial cybersecurity platform and serve as the trusted advisor for industrial cybersecurity is a dynamic, collaborative team of doers. In this Team Member Spotlight series, we’ll be shining a spotlight on the experiences and perspectives of featured members of The Claroty Team. To learn more about opportunities to join our team, visit our careers page.
Daniel Folger, Security Researcher at Claroty
Q: How did you become interested in pursuing a career in cybersecurity research?
The cybersecurity world has always interested me, since I was a child. The combination of technology and global events—such as cyberwarfare between nation states or high-profile cyber attacks against big firms—makes cybersecurity one of the most important and interesting sectors in the high-tech space. Over the years, I’ve learned a lot about threat actors, attack methods, vulnerabilities, and cybercrime campaigns, as well as the damage they can do. So, I decided that I wanted to pursue a career in which I could help protect against cyber attacks.
Q: You’re responsible for Claroty’s threat definition bundle, as well as CTD behavior to provide better data quality. Can you please share insight into both of those projects?
Claroty threat definition bundles enable us to keep our clients updated on all known industrial cybersecurity vulnerabilities. This provides users with a full picture of vulnerable components within their industrial technology network, while also enabling Claroty to deliver alerts about the most recent threats. We’re identifying suspicious behaviors in our customers’ networks using Snort and YARA rules created by Claroty vulnerability researchers and other experts in the industry, and then we’re updating those rules in each threat bundle.
For example, several weeks ago, a group of hackers attacked multiple U.S. government agencies by exploiting a vulnerability in SolarWinds’s Orion software. Claroty researchers quickly investigated the vulnerabilities, created Snort and YARA rules to help identify them, and published an alert that was automatically delivered to our customers to help them protect against such attacks.
I’m also responsible for the Asset Risk Scoring feature of Claroty Continuous Threat Detection (CTD). This feature provides a metric estimating the level of risk for each asset and zone within an organization’s industrial technology environment based on several factors, such as known vulnerabilities, network behavior, an asset’s location in the network, asset criticality, and more. By indicating which assets and zones within an industrial network are most at risk to cyber threats, Asset Risk Scoring enables users to prioritize cybersecurity efforts appropriately.
Q: What’s your favorite aspect of working as a security researcher?
The sense of purpose. In my work as a cybersecurity researcher, I’m helping to make the world safer. The modern world is increasingly dependent on technology, and this technology needs proper cyber-defense capabilities to run reliably. Cybersecurity researchers all around the world are on the front lines of a never-ending battle against adversaries and evolving cybercrime tactics.
Q: What are your favorite aspects of Claroty’s work culture?
The freedom to create and develop. At Claroty, each team member has the opportunity to make a huge difference and achieve great things, working toward personal goals and the company’s goals at the same time with full support from managers. Although we always have a lot of work to do, we’re given many opportunities to focus on areas that interest us and forge our own paths.
Q: How have you been staying sane in quarantine?
Running. I had never been a runner before COVID-19 came into our lives, but during quarantine, I’ve found that a 30-minute run each day is a great way to release stress.
Q: Do you have any tips for staying productive while working from home?
Keeping a routine. Wake up at the same time every day, change your clothes, eat breakfast, and take scheduled breaks during the workday. I found out that having a daily routine helps me to maintain focus, be productive, and stay calm.
It’s also important to find time for yourself. It’s easy for the boundaries between work and home life to fade while working from home, so it’s easy to focus only on work at the expense of your personal life. But even in the busiest times, it’s important to set aside time for reading, watching TV, doing sport, or talking with friends and family. When you invest time in yourself, you are happier, and when you are happier, you work better.
Q: What’s a fun fact about you many people may not know?
When I was younger, my dream was to be a football (soccer) coach. I’ve spent hours playing with soccer manager simulators on the computer and reading about football formations and tactics. Although football—mostly English football—is still one of my main hobbies today, I’ve shifted my career goals to focus on cyber-attacks, instead of strikers attacks.
Q: When we’re able to safely travel again, what’s the first place you’d like to go?
Valpolicella, Italy. My love story with Italy began when I was six years old, and since then, I visit every year or so. Mostly I visit the Valpolicella area, located in northern Italy, where my family and I have a lot of friends. I fell in love with the Italian culture, the history, the lovely people, and the amazing food, and I am looking forward to visiting again soon.