Mark Davidson is Celerium’s Chief Cybersecurity Architect and Engineering Director. He leads the team that develops Soltra, our machine-to-machine threat sharing solution, and contributes to the development of Cyber Defense Network (CDN). He has also been part of teams with the OASIS group, including serving as the co-chair of the team that developed STIX 2.0.
How would you explain your role to someone unfamiliar?
The most simple answer is “I do software,” and that’s usually enough to get people to stop asking. If people want a little more, I’ll usually say that I do cybersecurity software and my role is to make sure that our features solve problems that our users care about.
What are you most excited about right now at Celerium?
I’m most excited about our approach to cybersecurity. We are continually lowering barriers to entry so that even small companies can have the defense they need.
The Soltra 3.4 release brings full support for STIX 2.1. What makes STIX 2.1 so exciting for cybersecurity practitioners? And what, exactly, does “full support” mean?
Full support means that you can go connect to a STIX/TAXII 2.1 source, bring it into Soltra and store it natively – no proprietary formats here, and then reshare it exactly the same way it came in. We support all 18 Domain Objects, both Relationship objects, and custom objects and custom properties. Exactly the same as we support STIX 1. Both STIX 1 and STIX 2 will be used for years to come, so organizations will need tools that support both CTI formats. Soltra’s robust implementation makes it an invaluable tool for any organization. Soltra’s tagging, filtering, and searching capabilities are just icing on the cake.
You’ve been in the cybersecurity world a long time, including working as a SOC analyst. What’s been the biggest change or evolution you’ve seen over the years?
Honestly – and I don’t know if this will be a surprise or not – the advanced organizations get more advanced and everyone else’s problems get bigger and worse. The big tech companies have the skills and resources to build custom automation and solve cutting edge problems. Normal companies build out technology on an as-needed basis, but don’t have the skills or resources to cover the increased maintenance burden that is required to combat today’s cyber attackers.
When you’re not working, how do you like to spend your time?
It’s a toss-up between being a parent and planning my next vacation. Really it’s mostly being a parent. I have three little kids, and they’re great (and a lot of work!). When I can, I like to read, and I like to travel.
What’s the last book you recommended to someone?
The last book I recommended was – this is totally a boring manager answer – The Five Dysfunctions of a Team. It’s really a great book on how to run a team, how to work with others, and has totally influenced the way I manage.
Cats or dogs?
Neither – I like to travel and pets are an impediment to that!
Pineapple on pizza?
Yes, absolutely. The trouble with it is all those people who think Hawaiian Pizza is a problem. There’s a place down the road from me that adds in bacon and ricotta cheese and calls it a Maui Pizza, and it’s amazing. You can also get it as a calzone.
Any closing thoughts?
For everyone out there in cybersecurity – the most important thing is just to start and do what you can. People all over the world are working on the problem, and we can all get better together.
Soltra is better than ever with full support for STIX and TAXII 2.1, improved dashboards, and so much more. See how easy working with your threat intelligence can be by requesting a free trial of Soltra today!