Matt Suiche

Suiche is best known for his work in the memory forensics and computer security fields. His most notable research contributions include Windows hibernation file analysis and Mac OS X physical memory analysis. Furthermore, he created LiveCloudKd, a utility to analyze running Microsoft Hyper-V virtual machines. Microsoft Technical Fellow Mark Russinovich highlighted it on his blog before introducing a similar feature in one of Microsoft's tools. Russinovich also said "We were so impressed that we invited Matthieu to speak about live kernel debugging and LiveCloudKd at this year’s BlueHat Security Briefings". He is also known to have discovered multiple security flaws in multiple Microsoft Windows kernel components. Suiche is also a Microsoft Most Valuable Professional in Enterprise Security. Suiche started his career as an independent security researcher by presenting his work about the Microsoft Windows hibernation file for the first time at the international conference PacSec held in Tokyo in 2007. His expertise earned him an invitation from Europol to speak at their internal High Tech Crime Experts Meeting in 2008. Between 2009 and 2010, he worked as a researcher for The Netherlands Forensic Institute in The Hague. He then founded MoonSols, a company specializing in memory forensics and incident response. Suiche was also a contributor of the Samba project during the Google Summer of Code in 2008, where he was in charge of implementing the new compression algorithms used by the networking protocols. In 2011, Suiche founded CloudVolumes (formerly SnapVolumes) a California-based virtualization management product company where he served as a Chief Scientist. The company was acquired by VMware in 2014. == Conferences ==

Suiche also had been a frequent speaker at various computer security conferences such as Black Hat Briefings, Microsoft Blue Hat Hacker Conference, Shakacon, Hackito Ergo Sum, Europol High Tech Crime Experts Meeting, CanSecWest, PacSec, Hack In The Box, SyScan and Shakacon. He is on the board of the Program Committee of the Shakacon security conference, and one of the founders of the Hackito Ergo Sum security conference in Paris. == The Shadow Brokers ==

The Shadow Brokers is a hacker group that first appeared in the summer of 2016. They published several leaks containing hacking tools, including several zero-day exploits, from the "Equation Group," who are widely suspected to be a branch of the National Security Agency (NSA) of the United States. Suiche spoke at the Black Hat about The Shadow Brokers’ saga, the large Vegas-based cybersecurity conference and after his presentation, the TSB posted a public message stating, “Hello Matt Suiche, The ShadowBrokers is sorry TheShadowBrokers is missing you at theblackhats or maybe not.” Suiche, along with James Bamford, speculated that an insider, "possibly someone assigned to the [NSA's] highly sensitive Tailored Access Operations", stole the hacking tools. == Pwnie Awards 2013 ==

In 2012, Suiche was one of the security researchers (along with several other well-known security researchers) who submitted a bogus article entitled "Nmap: The Internet Considered Harmful - DARPA Inference Checking Kludge Scanning" to Hakin9 Information Security Magazine. This article has been used as social proof to demonstrate the lack of relevance and expertise of certain media dedicated to Information Security, but also to criticize spamming techniques used by media to generate quantity-oriented data rather than quality-oriented information. The following year, this article resulted in being awarded the 2013 Pwnie Awards attributed to Hakin9 under the "Most Epic FAIL" category. == Awards and recognition ==

• 2009-2015, Microsoft Most Valuable Professional. • 2014, one of the 100 top key developers in France. == Bibliography ==