i2Coalition Member Spotlight: Monarx
Monarx delivers automatic malware protection for web hosting providers. Through superior technology born from a passion for solving hard problems, Monarx is turning the tide in the never-ending battle to protect the world’s websites from cyberattack, and is also a member of the i2Coalition.
We connected with Monarx CEO Jeremy Warren to chat about next-generation cyber threats, the DNA of malware, and finding common goals.
i2Coalition: Can you give us the elevator pitch for Monarx?
Jeremy Warren: Monarx is a cybersecurity solution for websites. Our technology is designed from the ground up to be able to address the specific challenges of web-related malware and malicious activity in a way that existing tech doesn’t do very well. We sell our product to and through the large web hosters in this space. The end result is that we detect and protect against some of the more advanced malware that’s become a lot more common in recent years.
i2Coalition: Monarx doesn’t do the typical “scan-and-squash” approach to cybersecurity—what do you do instead?
JW: We dive in and look at the actual code and activity of potential malware. Everyone else in the industry essentially just looks at the signatures, pattern-matching the appearance of files or the appearance of activity. These days there’s just too much obfuscation that goes on in web-related malware. So we plug into the actual web server and the PHP engine, and we’re able to get detailed information about what is actually happening. Then we dive in and unwind all of this obfuscated code to understand not just what malware might look like, but what it does and who’s doing it.
i2Coalition: Like looking at its DNA.
JW: Yeah, its DNA as well as its behavior. The vast majority of tools that everyone’s been using for decades now just don’t work well when dealing with encrypted traffic and obfuscated files.
i2Coalition: Are there particular forms of cyber attack that you’re encountering more regularly in 2023?
JW: Yes, for sure. Besides “the classics”, so to speak—phishing sites, blackhat SEO, adware and the like—there’s also the delivery of ransomware. What we’re really noticing is that bad actors’ methods are much more aggressive and advanced than we’ve seen in the past. There was a lot of old, well-known stuff that was still being used a lot. Advanced persistence, advanced obfuscation, and of course we’re keeping an eye on what’s coming in the near future with AI-generated malware.
i2Coalition: You predicted the next question—AI as a cyberattack tool!
JW: Yeah, we’re seeing malicious attacks that appear to have AI fingerprints. We certainly use a lot of AI on our end to defend against that. I think it’s going to be another aspect of the cat-and-mouse game going forward. AI for the bad guys, AI for the good guys.
i2Coalition: What impact do you think recent geopolitical events have had on your more recent business performance?
JW: We see a lot of activity especially from some of our larger hosts who are more present in Eastern Europe. Over time, those attacks tend to migrate to Western Europe and North America and other parts of the world. But there’s lots of reasons to believe that it’s not just about nation-states or nation-state-backed groups, although that’s certainly part of it. There’s just a lot of people out there who are passionate in support of both sides, and they’re waging this kind of parallel war in cyberspace that unfortunately has a big impact on the rest of us.
i2Coalition: Why did your team find it important to join the i2Coalition?
JW: We believe in the mission of what the coalition is trying to do. I spent some time in government myself, and our CTO spent some time in government. I think that being able to join together to be able to educate, to inform and to try to positively influence the way that policy is created around a lot of these issues that don’t just impact the i2Coalition member companies, but everyone who is a partner, customer, and so forth, which is a large part of the world. I believe in helping governments be effective at doing their jobs, and I think industry has a role to play in making that work.
[Note: Jeremy Warren has previously worked as Chief Technology Officer for the U.S. Department of Justice.]
i2Coalition: Which i2C initiatives connect most deeply with your team’s ethos?
JW: Cybersecurity issues, for sure. I think that it’s under-appreciated and less effective than it could be in terms of how policy could help inform and support better cybersecurity initiatives. Also data privacy and data security. We just want to help lawmakers find the most effective way of meeting those goals with the least bureaucracy and wasted effort around trying to do the right thing for everybody.
i2Coalition: Where does government policy interface with your work on a daily basis?
JW: Around data privacy and security. It’s something that we deal with every day with international customers, and those customers supporting their end-customers all around the world. I think that there’s also the opportunity to have a more forward-looking point of view around liability and responsibilities for cybersecurity. Every day we see incentive misalignment around cybersecurity, and that’s part of the challenge that we face. And I do think there’s a role that can be played to better align incentives between the site owners, the hosting providers, and the visitors. It’s not yet clear who bears the ultimate responsibility, or what responsibility people should have, so there’s an opportunity for us in the i2Coalition and in the industry at large to align incentives that drive better action.