Hunted Labs has enlisted the expertise of George Barnes, a former deputy director of the National Security Agency (NSA), to enhance its capabilities in identifying threats within open source software. This sensible strategic move is intended to address a growing problem: not knowing who contributes to the software you use. The need was acutely felt in early 2024, when a Microsoft engineer found a backdoor in XZ Utils, a very significant software component that most Linux distributions depend on.
Barnes spent 35 years of his career at the NSA. His many assignments took him from comfortable roles in cities like London to direct engagement in conflict zones, giving him a unique and valuable perspective on cybersecurity challenges. From 2017 to 2023 he was the deputy director at the NSA. This experience has readied him to address the challenges of today’s software vulnerabilities.
The imperative for security in open source software has increased significantly since the shocking discovery of the backdoor. The criminal behind this breach established a baseline of trust in the community over many years, yet completely covered their tracks before carrying out the dastardly deed.
“We don’t know what connections they have to any organization or any foreign influence,” – Hayden Smith
As an SME, Smith has focused on DevOps and cyber defense for several DoD efforts, and he understands how critical this work is. Most recently, he was a key architect of the DoD’s Platform One project. The goal of this giant software factory is to make software development faster and more secure.
Hunted Labs specializes in traditional open source software threat management. Its focus is on understanding all software in use and proactively finding weaknesses in code. With new competition flooding the space, the company’s mission is more critical than ever. Black Duck Software, Mend.io, and Snyk are just a few of the other players competing for supremacy in this space.
Barnes said he is excited about his new role at Hunted Labs and recognizes he has to be strategic in how he manages his transition.
“I have a cooling off period — that’s two years for DoD,” – Tim Barnes
This strategic partnership with Barnes is only a component of a larger initiative funded by an AFWERX phase 2 award. This program supports research contracts aimed at fostering innovation within small businesses, underscoring the importance of emerging solutions in cybersecurity.
Smith saw a gap in existing tools: none could remediate open source vulnerabilities at scale.
“There really was no product or no tool out there that could help accomplish this at scale,” – Hayden Smith
Hunted Labs and Barnes are collaborating to draw on his decades of experience. Together, they are pushing each other to come up with innovative solutions to the pressing problems in software security right now. Barnes is confident his deep experience at the NSA will open up unique opportunities for Hunted Labs. This passion and knowledge will fuel their dogged determination to find novel ways to advance threat detection.
“They are recognized professionals in their own right, and so that actually opens doors,” – Tim Barnes
Threats to open source software are changing every day. Hunted Labs is geared up and looking to further expand its offerings and protect users from their teammates’ potential vulnerabilities. Industry veterans Barnes and Smith continue to steer the company with precision. They hope to produce game-changing technologies that help address these problems head-on.