@stake explained

ATstake, Inc. (stylized as @stake) was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures (Tom Crotty, Sunil Dhaliwal, and Scott Tobin) and Ted Julian. Its initial core team of technologists included Dan Geer (Chief Technical Officer) and the east coast security team from Cambridge Technology Partners (including Dave Goldsmith). Its initial core team of executives included Christopher Darby (Chief Executive Officer), James T. Mobley (Chief Operating Officer), and Christina Luconi (Chief People Officer).

History

In January 2000, Atstake acquired L0pht Heavy Industries (who were known for their many hacker employees), bringing on Mudge as its Vice President of Research and Development. Its domain name was atstake.com.^[1] In July 2000, Atstake acquired Cerberus Information Security Limited of London, England, from David and Mark Litchfield and Robert Stein-Rostaing, to be their launchpad into Europe, the Middle East and Africa.^[2] Atstake was subsequently acquired by Symantec in 2004.^[3]

In addition to Dan Geer and Mudge, Atstake employed many famous security experts including Dildog, Window Snyder, Dave Aitel, Katie Moussouris, David Litchfield, Mark Kriegsman, Mike Schiffman, the grugq, Chris Wysopal, Alex Stamos, Cris Thomas, and Joe Grand.^{[4] [5] [6]}

In September 2000, an Atstake recruiter contacted Mark Abene to recruit him for a security consultant position. The recruiter was apparently unaware of his past felony conviction since Atstake had a policy of not hiring convicted hackers. Mark was informed by a company representative that Atstake could not hire him, saying: "We ran a background check." This caused some debate regarding the role of convicted hackers working in the security business.

Atstake was primarily a consulting company, but also offered information security training through the Atstake academy, and created a number of software security tools:

• • LC 3, LC 4 and LC 5 were versions of a password auditing and recovery tool also known as L0phtCrack WebProxy was a security testing tool for Web applications
• SmartRisk Analyzer was an application security analysis tool
• The @stake Sleuth Kit (TASK) was an open source digital forensics tool (now called The Sleuth Kit).

Symantec later stopped selling LC5 to new customers citing US Government export regulations, and discontinued support in December 2006.^[7] In January 2009, L0phtCrack was acquired by the original authors from Symantec; L0phtCrack 6 was announced at the SOURCE Boston Conference on March 11, 2009.^[8] The technology underlying SmartRisk Analyzer was extended, and eventually brought to market by the Symantec spinoff Veracode.

Symantec announced its acquisition of Atstake on September 16, 2004,^[9] and completed the transaction on October 9, 2004.^[10]

Several members of Atstake left to form the computer security company "iSEC Partners"^[11] in 2004. Former Atstake academy instructors Rob Cheyne and Paul Hinkle later formed the information security training company "Safelight Security Advisors"^[12] in 2007. The remaining portion of the Atstake consulting group continues to operate as the "Security Advisory Services"^[13] team within Symantec's Security Business Practice.

After Atstake

Numerous Atstake employees before and after the acquisition by Symantec started their own cybersecurity services companies, which included:

• iSec Partners, US
• ImmunitySec, US
• Matasano, US
• NGS Software, UK
• Safelight Security Advisors, US
• Leviathan Security, US
• VSR, US

of these companies NCC Group latterly acquired:

• NGS Software, UK
• iSec Partners, US
• Matasano, US
• VSR, US

Atstake employees have also started their own cyber security product companies, including:

• Arbor Networks, US (acquired by private equity firm Danaher)
• Resilient Systems, US (acquired by IBM)
• Veracode, US
• GreatHorn, Inc (acquired by private equity)

External links

• Web site: Atstake company website. https://web.archive.org/web/20070508221548/http://www.atstake.com/ . 2007-05-08 ., now redirects to Symantec

Notes and References

1. News: A disaster foretold — and ignored. June 22, 2015. Washington Post.
2. Web site: A Security CEO and Two Hackers on Building a Safer Internet, Powered by a Community of Hackers. Bacon. Jono. Forbes. en. 2020-04-15.
3. Web site: Exclusive: Facebook ex-security chief: How 'hypertargeting' threatens democracy. finance.yahoo.com. 8 February 2019 . en-US. 2020-04-15.
4. Web site: Fisher . Dennis . 'We Got to Be Cool About This': An Oral History of the L0pht, Part 1 . Decipher . Duo Security . 17 June 2018 . en . 6 March 2018.
5. News: 7 Feb 2000 . Space Rogue . . US . 18 Dec 2017.
6. Web site: Franceschi-Bicchierai . Lorenzo . 2023-08-04 . Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices . 2023-08-05 . TechCrunch . en-US.
7. News: Symantec refuses to sell audit tool outside the US . 2005-11-25 . Leyden . John . 2023-05-16 . https://web.archive.org/web/20230201202345/https://www.theregister.com/2005/11/25/symantec_l0phtcrack_export_controversy/ . 2023-02-01 . live.
8. Web site: New version of L0phtcrack to be unveiled next week . Infosecurity Magazine . 2009-03-03 . 2009-05-29 .
9. Web site: Symantec press release, September 16, 2004 . 2005-10-26 . https://web.archive.org/web/20051212152207/http://www.symantec.com/press/2004/n040916b.html . 2005-12-12 . dead .
10. Web site: Symantec press release, October 9, 2004. 2018-09-07. https://web.archive.org/web/20090731042347/http://www.symantec.com/press/cgi/printfriendlypress.cgi?release=2004%2Fn041008.html. 2009-07-31. dead.
11. Web site: 2018-04-02. www.nccgroup.trust/us/our-services/cyber-security/. www.nccgroup.trust.
12. Web site: Application Security Training and Assessments - Security Innovation. 2020-06-06. https://web.archive.org/web/20140813205606/http://www.safelightsecurity.com/. 2014-08-13. dead.
13. http://www.symantec.com/business/services/detail/detail.jsp?pcid=consulting_services&pvid=svc_data_security Symantec.com