Login
Login

Matt Suiche

{{Short description|French computer scientist (born 1988)}}

{{Infobox scientist

| image = Matt Suiche.jpg

| caption = Matt Suiche.

| name = Matt Suiche

| alt = Suiche presenting a talk at a conference

| birth_date = {{Birth date and age|1988|9|22|df=yes}}

| birth_place =

| nationality = French

| field = Computer science

| known_for = Computer security
Memory forensics
Virtualization

| website = {{URL|https://www.msuiche.com}}

}}

Matthieu Suiche (born September 22, 1988), also known as Matt and under the username msuiche, is a French hacker and entrepreneur. He is widely known as the founder of MoonSols and co-founder of CloudVolumes, which was acquired{{Cite web | url=https://blogs.vmware.com/euc/2014/08/cloudvolumes.html| title=VMware Acquires CloudVolumes| date= 2014-08-20| accessdate=2023-05-29}} by VMWare in 2014. In March 2014, Suiche was highlighted as one of the 100 key French developers in a report{{Cite web | url=https://www.codeforfrance.fr/assets/ebook/rapport_developpeurs.pdf| title=Les développeurs, un atout pour la France| accessdate=2023-05-29}} for French minister Fleur Pellerin.

Career

Suiche is best known for his work in the memory forensics and computer security fields. His most notable research contributions include Windows hibernation file{{Cite web | url=https://www.blackhat.com/presentations/bh-usa-08/Suiche/BH_US_08_Suiche_Windows_hibernation.pdf| title=Windows hibernation file for fun and profit| accessdate=2023-05-29}} analysis and Mac OS X physical memory analysis.{{Cite web | url=https://www.blackhat.com/presentations/bh-dc-10/Suiche_Matthieu/Blackhat-DC-2010-Advanced-Mac-OS-X-Physical-Memory-Analysis-slides.pdf| title=Advanced Mac OS X Physical Memory Analysis| accessdate=2023-05-29}}

Furthermore, he created LiveCloudKd,{{Cite web | url=https://techcommunity.microsoft.com/t5/windows-blog-archive/livekd-for-virtual-machine-debugging/ba-p/723942| title=LiveKd for Virtual Machine Debugging| date= 2019-06-27| accessdate=2023-05-29}} a utility to analyze running Microsoft Hyper-V virtual machines. Microsoft Technical fellow Mark Russinovich highlighted it on his blog{{cite web | title = LiveKd for Virtual Machine Debugging | url = https://blogs.technet.com/b/markrussinovich/archive/2010/10/14/3360991.aspx}} before introducing{{Cite web | url=https://news.softpedia.com/news/LiveKd-5-0-for-Hyper-V-Debugging-Released-to-Windows-Sysinternals-161223.shtml| title=LiveKd 5.0 for Hyper-V Debugging Released to Windows Sysinternals| accessdate=2023-05-29}} a similar feature in one of Microsoft's tools. Russinovich also said "We were so impressed that we invited Matthieu to speak about live kernel debugging and LiveCloudKd at this year’s BlueHat Security Briefings".

He is also known to have discovered multiple security flaws in multiple Microsoft Windows kernel components.{{Cite web | url=https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2010/ms10-048?redirectedfrom=MSDN| title=Microsoft Security Bulletin MS10-048 - Important| accessdate=2023-05-29}}{{Cite web | url=https://www.reuters.com/article/urnidgns852573c40069388000257777006ede7a-idUS357327323120100807| title=Microsoft to thank Google researcher for privately reporting Windows bugs| accessdate=2023-05-29}} Suiche is Microsoft Most Valuable Professional in Enterprise Security.{{Cite web | url=https://mvp.microsoft.com/en-us/PublicProfile/4025068?fullName=Matthieu%20B.%20SUICHE| title=Matthieu B. Suiche| accessdate=2023-05-29}}

Suiche started his career as an independent security researcher by presenting his work about the Microsoft Windows hibernation file for the first time at the international conference PacSec held in Tokyo in 2007.{{Cite web | url=https://seclists.org/isn/2007/Oct/97| title=Information Security News: PacSec 2007 Agenda (Tokyo 11-29/30)| accessdate=2023-05-29}} His expertise earned him an invitation from Europol to speak at their internal High Tech Crime Experts Meeting in 2008.{{cite web | archiveurl = https://web.archive.org/web/20090102130225/http://www.europol.europa.eu/index.asp?page=news&news=pr081208.htm | url = http://www.europol.europa.eu/index.asp?page=news&news=pr081208.htm | archivedate=January 2, 2009 | title = High Tech Crime Experts Meeting}}{{cite web |url=http://www.msuiche.net/2008/12/04/europol-high-tech-crime-expert-meeting/ |title=Europol High Tech Crime Expert Meeting - Matthieu Suiche's blog ! |website=www.msuiche.net |access-date=14 January 2022 |archive-url=https://web.archive.org/web/20090125052041/http://www.msuiche.net/2008/12/04/europol-high-tech-crime-expert-meeting/ |archive-date=25 January 2009 |url-status=dead}} Between 2009 and 2010, he worked as a researcher for Netherlands Forensic Institute in The Hague. He then founded MoonSols, a company specializing in memory forensics and incident response.

Suiche was also contributor{{Cite web|url=https://git.samba.org/?p=samba.git&a=search&h=HEAD&st=author&s=suiche|title=git.samba.org - samba.git/search|website=git.samba.org}} of the Samba project during the Google Summer of Code in 2008, where he was in charge of implementing the new compression algorithms used by the networking protocols.

In 2011, Suiche founded CloudVolumes (formerly SnapVolumes{{Cite web |url=https://finance.yahoo.com/news/cloudvolumes-delivers-industry-first-instant-143200404.html |title="CloudVolumes Delivers Industry’s First Instant Workload Management Solutions to Reduce Complexity, Increase Efficiency and Provide Mobility within the Datacenter and Cloud" |archive-url=https://archive.today/20140222011647/http://finance.yahoo.com/news/cloudvolumes-delivers-industry-first-instant-143200404.html |archive-date=2014-02-22}}) a California-based virtualization management product company where he served as a Chief Scientist.{{Cite web |url=https://www.bloomberg.com/article/2012-11-07/ayplHRFWJ47Y.html |title=SnapVolumes Secures $2.3 Million Seed Financing to Redefine Application Deployment and Management of Virtual Desktops, Servers |archive-url=https://archive.today/20140222011646/http://www.bloomberg.com/article/2012-11-07/ayplHRFWJ47Y.html |archive-date=2014-02-22}} Company was acquired by VMware in 2014.{{primary source inline|date=May 2023}}

In 2016, Suiche founded Comae, is a UAE-based cybersecurity company that specializes in cloud-based memory analysis used to recover evidence from the volatile memory of devices. Company was acquired by Magnet Forensics in 2022.{{Cite web | url=https://www.businesswire.com/news/home/20220505005021/en/Magnet-Forensics-Acquires-Cybersecurity-Software-Firm-Comae-Technologies| title=Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies| accessdate=2023-05-29}}{{primary source inline|date=May 2023}}

Conferences

Suiche also had been a frequent speaker at various computer security conferences such as Black Hat Briefings,{{Cite web|url=https://www.blackhat.com/html/bh-dc-11/bh-dc-11-speaker_bios.html|title=Black Hat ® Technical Security Conference: DC 2011 // Speaker Bios|website=www.blackhat.com}}NetworkWorld, [http://www.networkworld.com/news/2011/012011-black-hat-quirky-moments.html Quirky moments at Black Hat DC 2011] {{webarchive|url=https://web.archive.org/web/20140227140305/http://www.networkworld.com/news/2011/012011-black-hat-quirky-moments.html |date=2014-02-27 }} Microsoft Blue Hat Hacker Conference,{{Cite web |url=https://technet.microsoft.com/en-us/security/ff967505.aspx |title=BlueHat Security Briefings: Fall 2010 Sessions |archive-url=https://archive.today/20131213164918/http://technet.microsoft.com/en-us/security/ff967505.aspx |archive-date=2013-12-13}} Shakacon, Hackito Ergo Sum, Europol High Tech Crime Experts Meeting, CanSecWest,{{Cite web|url=https://cansecwest.com/dojobios.html|title=CanSecWest Applied Security Conference: Vancouver, British Columbia, Canada|website=cansecwest.com |archive-url=https://archive.today/20140222011645/http://cansecwest.com/dojobios.html |archive-date=2014-02-22}} PacSec,[https://web.archive.org/web/20031217110410/http://pacsec.jp/speakers.html PacSec] Hack In The Box, SyScan{{Cite web |url=http://www.pcworld.com.vn/articles/chuyen-muc/an-toan-thong-tin/2010/09/1221096/hoi-thao-bao-mat-syscan-2010-nhieu-chu-de-hap-dan/ |title=Hội thảo bảo mật SyScan 2010: Nhiều chủ đề hấp dẫn |archive-url=https://archive.today/20140222011652/http://www.pcworld.com.vn/articles/chuyen-muc/an-toan-thong-tin/2010/09/1221096/hoi-thao-bao-mat-syscan-2010-nhieu-chu-de-hap-dan/ |archive-date=2014-02-22}} and Shakacon.

He is on the board of Program Committee of Shakacon security conference, and one of the founders of Hackito Ergo Sum security conference in Paris.

The Shadow Brokers

The Shadow Brokers is a hacker group who first appeared in the summer of 2016. They published several leaks containing hacking tools, including several zero-day exploits, from the "Equation Group" who are widely suspected to be a branch of the National Security Agency (NSA) of the United States. Suiche spoke at the BlackHat about The Shadow Brokers’ saga, the large Vegas-based cybersecurity conference and after his presentation the TSB posted a public message stating “Hello Matt Suiche, The ShadowBrokers is sorry TheShadowBrokers is missing you at theblackhats or maybe not.”{{Cite web |date=2017-11-02 |title=Meet the French researcher the Shadow Brokers keep calling out |url=https://www.cyberscoop.com/matthieu-suiche-shadow-brokers-comae-technologies/ |access-date=2022-04-07 |website=CyberScoop |language=en}}

Suiche along with James Bamford speculated that an insider, "possibly someone assigned to the [NSA's] highly sensitive Tailored Access Operations", stole the hacking tools.{{Cite news |date=2016-08-22 |title=Commentary: Evidence points to another Snowden at the NSA |language=en |work=Reuters |url=https://www.reuters.com/article/us-intelligence-nsa-commentary-idUSKCN10X01P |access-date=2022-04-07}}

Pwnie Awards 2013

In 2012, Suiche was one of the security researchers (along with several other well-known security researchers) who submitted a bogus article{{Cite web | url=https://www.theregister.com/2012/10/05/hakin9_silliness/| title=Experts troll 'biggest security mag in the world' with DICKish submission| accessdate=2023-05-29}} entitled "Nmap: The Internet Considered Harmful - DARPA Inference Checking Kludge Scanning" to Hakin9 Information Security Magazine. This article has been used as a social proof to demonstrate the lack of relevance and expertise of certain media dedicated to Information Security, but also to criticize spamming techniques used by media in order to generate quantity-oriented data rather than quality-oriented information. The following year, this article resulted in being awarded the 2013 Pwnie Awards{{Cite web | url=https://it.slashdot.org/story/13/08/04/127257/pwnie-awards-2013-winners-barnaby-jack-edward-snowden-hakin9-evad3rs| title=Pwnie Awards 2013 Winners: Barnaby Jack, Edward Snowden, Hakin9, Evad3rs - Slashdot| accessdate=2023-05-29}}{{Cite web | url=https://pwnies.com/winners/| title=Pwnie Award Winners 2022 – Pwnies| accessdate=2023-05-29}} attributed to Hakin9 under the "Most Epic FAIL" category.

Awards and recognition

  • 2009-2015, Microsoft Most Valuable Professional.
  • 2014, One of the 100 top key developers in France.

Bibliography

  • Debugged! Mz/Pe: Magazine For/From Practicing Engineers by Dmitry Vostokov, Matthieu Suiche and Roberto Alexis Farah, OpenTask {{ISBN|1-90-671738-9}}, 2009

See also

References

{{reflist}}

External links

  • {{official website|http://msuiche.net}}

{{authority control}}

{{DEFAULTSORT:Suiche, Matt}}

Category:French businesspeople

Category:Hackers

Category:Living people

Category:French computer scientists

Category:1988 births