CTO Todd Harbour speaks at Core4ce’s 2024 Innovation Summit
Last month, Core4ce announced that Todd Harbour, company co-founder and managing partner, would be taking on the role of Chief Technology Officer to oversee our newly-branded innovation incubator – The Forge. Harbour is joined by new team members Kim Kok, Vice President of Sales and Emerging Technology, and Michael Sass, Head of Data Engineering and Analytics.
Core4ce’s VP of Communications Alex Bender recently sat down with Harbour to discuss the vision for The Forge, strategic focus areas, and the team’s pivotal developments thus far.
Core4ce recently unveiled branding for the company’s innovation incubator – The Forge. What’s the backstory behind the brand and why did that name resonate with you?
From the outset, Mike Morehouse and I founded Core4ce with the intention of strategically investing in intellectual property that would drive value for our customers and solve emerging national security challenges. The Forge exemplifies the vigor of a blacksmith’s workshop, where we heat, hammer, and harden promising ideas into market-leading solutions. Those three principles are critical because they represent the innovation lifecycle within The Forge – from the initial spark of an idea, to the refinement of raw potential, to ensuring the strength and viability of the solution before we take it to market.
Grist Mill Exchange (GME)—a start-up and strategic partner of Core4ce—was The Forge’s first major offering in 2022. Why was creating a secure data marketplace for government customers a priority for The Forge right out of the gate?
The GME team comprises experienced former senior government officials and technologists who have seen firsthand the challenges that arise when agencies can’t get access to the data they need in time to impact mission outcomes. Before GME, agencies had to navigate procurement roadblocks and negotiate one-off contracts with individual commercial data providers, waiting up to two years to complete each transaction and jeopardizing time-sensitive missions. GME was designed to streamline the data acquisition process and make it easy for government customers to quickly license thousands of timely, bespoke commercial datasets all in one place.
How is Core4ce working to ensure that data acquired by agencies is ready to be used by analysts?
Data engineering is the hidden cost of data analysis, and we know that around 80% of an analyst’s time is spent preparing data for analysis. A major focus area in The Forge currently is offering a comprehensive data engineering solution that simplifies complex data processes for our clients. From data ingestion to transformation and delivery, Core4ce handles it all, ensuring data is formatted, merged, and ready for use in any desired format. Our customers prioritize mission assurance and high availability in their data providers. They abide by stringent privacy, security and compliance requirements as well, so we’ve kept those considerations front of mind in designing our solution. Our process is efficient, customizable, scalable, and secure, with an emphasis on transforming data into a strategic asset.
Core4ce launched Cyberscape, a cyber threat investigation platform (TIP), from The Forge in 2022. How does Cyberscape fit within the broader Forge ecosystem and what challenges does it address for customers?
Core4ce is a trusted partner that customers can rely on for the full breadth of their data needs – from collection to actionable analysis. With Cyberscape, we wanted to give customers a way to easily access open-source intelligence sources and integrate data feeds from industry-leading threat intelligence providers. Analysts can use Cyberscape to conduct comprehensive investigations by visualizing and enriching data from numerous threat intelligence sources in a single interactive workspace.
We also felt that it was imperative to offer customers a way to comply with the 2021 White House Executive Order on Improving the Nation’s Cybersecurity – which called for removing barriers to sharing threat information. In Cyberscape, analysts can create, review, and share intelligence reports directly from the platform to key stakeholders and partners. Much like a social media app, users can create ‘communities of interest’ and publish research to that community. Members of that community can then use the existing research as a new enrichment source; should an investigation of theirs stumble upon the same IP address, file hash, threat actor, bitcoin address, or other attribute related to an active persistent threat, that information instantly becomes available for inclusion in their investigation. As communities will often face similar threats from the same threat groups, this can reduce the time to uncover and respond to the event.
What enhancements has the team made within Cyberscape since it launched?
Earlier this year, our technical team made a major architectural improvement to Cyberscape, allowing our partners and customers to write custom connectors and bring their own data sources into the Cyberscape ecosystem. Now, we can rapidly introduce new data sources and element types in the Cyberscape workspace without the need for major software changes that could trigger a re-evaluation under FedRAMP’s ‘Significant Change Policy.’ This change simplifies the scope of the FedRAMP Authorization Boundary from 37 (and growing) unique APIs to one message bus that can be isolated, monitored, scanned, and implemented within FedRAMP-approved AWS Infrastructure.
Additionally, we’ve introduced our own data feed – Petryl360 – within Cyberscape to provide users with cyber threat data and help safeguard their digital assets. Petryl360 revolutionizes cybersecurity intelligence by aggregating reclaimed dark web data. Users can search email addresses, phone numbers, account names, and even known compromised passwords and find matches in Petryl360’s comprehensive database. If a match is found, the service details the data sources involved in the breach, including associated exposed data. As our collection teams reclaim more data, the size, scope, and types of data are growing, transforming this intelligence into actionable insights to fortify digital defenses.
Core4ce recently rolled out a formalized process for team members to submit ideas for funding in The Forge. What was the impetus behind that decision, and have any ideas been accepted for investment thus far?
We recognized that great ideas come from everywhere, and technical experts don’t have a monopoly on them. So, we developed a lightweight process, allowing everyone at the company to participate. Our customers will ultimately benefit from the most promising data-minded solutions pitched by our team, and the process will provide professional development and growth opportunities for our employees. I’m delighted to announce that we recently selected our first project for funding and look forward to sharing more in the coming weeks.
What’s the best way to learn more about the projects advancing through The Forge?
Kim Kok recently joined The Forge team as VP of Sales and Emerging Technology and is available to discuss the products and services we’re developing across the data lifecycle of government. Reach out to Kim at sales@core4ce.com.
