Alexander Heid is an American

computer security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...

consultant,

white hat White hat, white hats, or white-hat may refer to: Art, entertainment, and media * White hat, a way of thinking in Edward de Bono's book ''Six Thinking Hats'' * White hat, part of black and white hat symbolism in film Other uses * White hat (compu ...

hacker A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...

, and business executive. Heid is a co-founder of the

South Florida South Florida is the southernmost region of the U.S. state of Florida. It is one of Florida's three most commonly referred to directional regions; the other two are Central Florida and North Florida. South Florida is the southernmost part of th ...

hacker conference A computer security conference is a convention for individuals involved in computer security. They generally serve as meeting places for system and network administrators, hackers, and computer security experts. Events Common activities at hacke ...

and

hacker group Hacker groups are informal communities that began to flourish in the early 1980s, with the advent of the home computer. Overview Prior to that time, the term ''hacker'' was simply a referral to any computer hobbyist. The hacker groups were out ...

known as

HackMiami HackMiami is a formal organization of information security professionals who host the annual international hacker conference that takes place in Miami Beach, FL known as the 'HackMiami Conference.' The organization has been involved in research ...

, and currently serves as the chief research officer of the

New York City New York, often called New York City or NYC, is the List of United States cities by population, most populous city in the United States. With a 2020 population of 8,804,190 distributed over , New York City is also the L ...

information security Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorize ...

firm SecurityScorecard.

Early life and education

Alexander Heid grew up in

Miami, Florida Miami ( ), officially the City of Miami, known as "the 305", "The Magic City", and "Gateway to the Americas", is a East Coast of the United States, coastal metropolis and the County seat, county seat of Miami-Dade County, Florida, Miami-Dade C ...

and attended

Barbara Goleman Senior High School Barbara Goleman Senior High School is a secondary school located at 14100 NW 89th Ave in Miami Lakes, Florida; its principal is Manuel Sanchez. Goleman is part of Miami-Dade County Public Schools Region I, and is school number 7751. The school i ...

Career

Alexander Heid currently serves as chief research officer of the

firm SecurityScorecard. Heid joined the company in 2014, working directly with Aleksandr Yampolskiy and Sam Kassoumeh to develop the signal collection methodologies that powers the

cyber threat intelligence Cyber threat intelligence (CTI) is knowledge, skills and experience-based information concerning the occurrence and assessment of both cyber and physical threats and threat actors that is intended to help mitigate potential attacks and harmful eve ...

and

third party management Third-party management is the process whereby companies monitor and manage interactions with all external parties with which it has a relationship. This may include both contractual and non-contractual parties. Third-party management is conducted p ...

aspects of the platform. Heid is documented as being one of the first researchers to attribute the

Equifax Equifax Inc. is an American multinational consumer credit reporting agency headquartered in Atlanta, Georgia and is one of the three largest consumer credit reporting agencies, along with Experian and TransUnion (together known as the "Big Thr ...

data breach A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, info ...

to a vulnerability in

Apache Struts 2 Apache Struts 2 is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture. The WebWork framework s ...

within the first hours of the breach announcement. Prior to SecurityScorecard, Heid was the head of threat intelligence at

Prolexic Prolexic Technologies was a US-based provider of security solutions for protecting websites, data centers, and enterprise IP applications from Distributed Denial of Service (DDoS) attacks at the network, transport, and application layers. It oper ...

. Heid developed counterattack and neutralization methodologies against

DDoS In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host A ...

campaigns by discovering vulnerabilities in the attacker's

botnet A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its conn ...

command and control Command and control (abbr. C2) is a "set of organizational and technical attributes and processes ... hatemploys human, physical, and information resources to solve problems and accomplish missions" to achieve the goals of an organization or en ...

servers. During the time at

, Heid was involved in the defense and mitigation of the Operation Ababil campaigns that were targeting the financial sector. Additionally, Heid has held senior security roles within the banking industry, specializing in web application vulnerability analysis and

. Heid has given multiple presentations at

s demonstrating exploitable vulnerabilities within crimeware applications that can be leveraged by white hat researchers for the purposes of attribution and threat neutralization. Heid is also the author of the 2013 cryptocurrency threat intelligence report, "Analysis of the Cryptocurrency Marketplace," which was the first forensic report about malware threats relating to blockchain technologies. The report is ranked as one of the Top 1000 'Most Cited Blockchain Publications' by BlockchainLibrary.

References

{{DEFAULTSORT:Heid, Alexander Living people Hackers American technology executives People in information technology Year of birth missing (living people)