Private Industry Coalition
Operation Blockbuster sets a new precedent for private industry’s role in the changing dynamic of cyber defense. Industry is no longer only a watchdog. Novetta led a team of elite security professionals, each with unique skills and talents, working collaboratively, to take decisive action against the threat actor behind the Sony Pictures attacks. The formation of this industry coalition is significant not only because our team was able to help protect others against future Lazarus Group attacks, but also because we fought back against the attackers. Industry teams like ours can help customers protect critical business data, as well as educate the general public about modern cyber threats. Below is a list of participants who made significant contributions to the success of this ongoing operation.
*Participants listed below in no particular order.
About Invincea
Invincea is the leader in advanced endpoint threat protection for enterprises worldwide. The company provides the most comprehensive solution to contain, identify, and control the advanced attacks that evade legacy security controls. Invincea protects enterprises against targeted threats including spear-phishing and Web drive-by attacks that exploit Java, Flash, and other applications. Combining the visibility and control of an endpoint solution with the intelligence of cloud analysis, Invincea provides the only market-deployed solution that defends against 0-day exploits, file-less malware, and previously unknown malware. The company is venture capital-backed and based in Fairfax, VA. Learn more at www.invincea.com.

About Novetta
Novetta is an advanced analytics company with over two decades of experience solving problems of national significance for government and commercial enterprises worldwide. Grounded in its work for national security clients, Novetta has pioneered disruptive technologies in four key areas of advanced analytics: data, cyber, open source/media and multi-int fusion. Novetta enables customers to find clarity from the complexity of ‘big data’ at scale and speed to help our customers detect threat and fraud, protect high value networks, and improve the bottom line. Learn more at www.novetta.com.

About Symantec
Symantec Corporation is the global leader in cybersecurity. Operating one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives. Learn more at www.symantec.com.

About Volexity
Volexity, a leading provider of threat intelligence and incident suppression services and solutions, is based in the Washington, DC area. The world class Volexity team has provided security and forensics services to Fortune companies, government agencies, presidential campaigns, celebrities, media outlets, technology companies, law firms, and leading security product vendors across the globe. Over the past decade, Volexity researchers pioneered the field of memory forensics, wrote best selling security books, and developed groundbreaking tools and technology that transformed the way modern digital investigations are performed. Volexity is building next generation solutions that will dramatically increase enterprise visibility and facilitate rapid intrusion suppression. The Volexity team leverages its extensive investigative experience, unique threat intelligence capabilities, and innovative technology to rapidly hunt for malicious actors hiding within the enterprise. Learn more at www.volexity.com.

About Risk IQ
RiskIQ provides organizations the visibility and intelligence they need to secure their Enterprise Digital Footprint and map their Adversaries’ infrastructure. RiskIQ’s external threat management platform, powered by a proprietary virtual-user technology, threat analysis engine, and global proxy network, enables an organization to defend against threats targeting its websites, mobile applications, brands, customers, and employees. Leading financial institutions, insurance providers and consumer as well as B2B brands use RiskIQ to protect themselves and their users from code level threats, malware, phishing, social media attacks and fraud. RiskIQ is headquartered in San Francisco and backed by growth equity firms Summit Partners and Battery Ventures. Learn more at www.riskiq.com.

About JPCERT/CC
JPCERT/CC is the first CSIRT (Computer Security Incident Response Team) established in Japan. The organization coordinates with network service providers, security vendors, government agencies, as well as the industry associations. Learn more at www.jpcert.or.jp/english.
