A good company is greater than the sum of its parts. But at Fortra, those parts are pretty good, too.
Recently, we had a chance to sit down with Tyler Reguly, Associate Director, Security R&D at Fortra.
A career cybersecurity veteran, Tyler graduated from Fanshawe College, where he developed and taught five courses on hacking and malware. He has contributed to various standards, including CVSSv3, and co-founded the IoT Hack Lab, which was a regular at SecTor between 2015 and 2023.
Always anxious to be on the inside of the security track, we asked him what his expansive, more than 20-year cybersecurity career has taught him about the state of security today and where things are headed.
Can a researcher be a good teacher?
“Tyler, you joined Fortra in 2022 following the acquisition of Tripwire, where you had been a research team member for over fifteen years. Could you share how that long-term research experience shaped your vision for leading the security R&D team today?”
Experience has many advantages. Simply by sticking around long enough, I’ve been able to work with nearly every type of tool and every situation, at least once, often more. This comes to bear when I’m helping a Fortra client with an issue, even if it goes beyond vulnerability management.
Feeling like I’ve “seen it all” at one point or another hopefully gives my answers perspective and lets me feel like I’m contributing in a meaningful way when I’m teaching. That translates well into the work I do within Human Risk Management, which is ultimately just teaching anyway.
Has teaching impacted your R&D approach?
“You’ve developed and taught several advanced courses at Fanshawe College, ranging from Malware Research and Advanced Hacking Techniques to Python Programming. How has teaching influenced how you lead your team and approach threat research and education?”
I’ve learned that you can’t rush the learning process. Over the years, when teaching several of my cybersecurity courses, we would find ourselves online with students late into the night, helping them understand concepts hours after the class was over.
One thing stood out: security leadership means putting in the time and making myself available to them.
That’s been my mantra ever since. Crossing over into the R&D side, when a problem comes across your desk, you don’t just get to come up with an answer today. It takes time. If we’re discussing a new threat and how we will do detection engineering for it, that’s a time-consuming process.
How are we going to develop the tools? How are we going to integrate the Human Risk Management aspect? How are we going to present things in a way that non-technical people will understand?
While we all want to move fast, real results come from putting in the time and making the effort to produce a finished product. And sometimes that means proverbially staying online late into the night.
Let’s talk about FIRE and Fortra Threat Brain
“The Threat Brain powers Fortra’s threat intelligence - its AI-driven hub - and is backed by the FIRE (Fortra Intelligence and Research Experts) team. How do these two pillars collaborate to generate actionable intelligence, and what are their biggest strengths and challenges?”
FIRE is people and Threat Brain is technology. That’s the simple answer.
It’s also the comprehensive one. You need both to combat today’s threats. No one will ever automate a way to do threat detection with all technology and no human involvement. The situations are too nuanced for that.
By the same token, there is no way that today’s SOCs are going to keep up with today’s threat data at scale. Automated, AI-driven tools are needed to complete the process. Technology gives teams what they need to make intelligent threat management decisions in real time, and both are necessary.
How are you negotiating AI and ML in your role?
“Fortra places considerable emphasis on AI and machine learning - from anomaly detection and NLP to generative AI protections. Could you describe how your research team integrates these technologies into real-world defences?”
The impact of AI is not lost on us here. Within my Human Risk Management team, we see excellent opportunities to use AI to get ahead. We’re experts trained to create the content; to see the problems, apply our knowledge, and synthesize the solutions. That part’s fun for us as career cybersecurity people.
What’s not fun is doing the non-security-centric work: the videos, voice-overs, distribution, and all that’s associated with “getting it out there.” We definitely see some opportunities there for AI/ML to make those aspects of our jobs a lot easier - and get us back to the part we like best.
As far as AI and how it relates to the attackers’ side, we definitely do a lot around training people to recognize the new generation of AI-generated phishing attacks. Phishing emails now don’t have the obvious red flags like spelling errors or poor punctuation. Thanks to GenAI, they are all word-perfect, forcing us to train people to recognize them based on additional pieces of context.
We’ve been hearing a lot about threat intel collaboration...
“You have highlighted the value of community involvement in building collective resilience. How does Fortra’s research engage with external communities, and how critical is this collaboration in shaping your threat research?”
The biggest and coolest thing happening right now is community threat intelligence sharing. There used to be this mindset that when you got information, you had to keep it private and locked down. Now, we’re seeing people talk about it: they want to create threat sharing communities, they want to open threat intelligence dialogue.
Personally, I’ve been involved largely through CCTX (Canadian Cyber Threat Exchange). What they do is great for the Canadian landscape and could be modelled anywhere. They’re bringing major enterprises and smaller SMBs together in the same room and having them share the threats they’ve been facing.
What is the three-year vision for Fortra threat research?
“Looking ahead, what do you hope the FIRE team and the overall threat research function at Fortra will achieve in the next two to three years, both in terms of innovation and impact on the broader cybersecurity community?”
The threat research team here at Fortra has the real capacity to be leaders in this space. I want to see the FIRE team get out in front. Ideally, we’d see a FIRE team member at every conference, talking about the research we’re doing, the investigations we’ve done, and the detection content we’ve engineered.
We’ve already made an impact in community sharing, and I want to see us do even more. That’s where a lot of the security value is these days, and I think it’s important that we amplify our ability to give back. Our uniquely qualified team and advanced platforms make us particularly well-suited to doing so.
Tyler’s Secret: “I Still Love It”
I’m lucky to have been able to do one thing for so long and still love it. That experience and longevity in this industry has proved invaluable when translating my knowledge to a new generation of practitioners.
Looking forward, it will be exciting working with Fortra and the threat intelligence community at large these next few years. Even after two decades in this space, or rather because of it, I can say we’re at a time where things are really getting interesting.
Fortra Intelligence and Research Experts
The FIRE team operationalizes threat intelligence to detect, disrupt, and deter adversaries.