SAN MATEO CA, February 3, 2015 – Norse, the leader in live attack intelligence, today announced that security industry veteran Mary Landesman has joined the Norse threat intelligence team as its senior data scientist.  An early pioneer in the use of data analysis techniques for cyber threat intelligence, Landesman will apply her years of experience in this field to help Norse detect and analyze cyber threats and develop effective prevention methods.

“Norse has the industry’s largest repository of Internet-related threat information, and this offers a golden opportunity to apply my expertise beyond just the web to a much broader, truly global cyber threat intelligence arena,” said Landesman.  “Cybersecurity is a global problem, and the kind of threat data that Norse is providing is where the industry as a whole has to move.  While individual security events may be different, the actors and their actions are the same or very similar.  It’s these kinds of behaviors that can be analyzed and dissected and applied to prevention methods, and that’s what Norse is doing.”

Landesman has been researching malware and security events for over two decades, since the Michelangelo virus appeared in February 1991. Prior to joining Norse, Landesman was senior security researcher at Cisco Systems, where she analyzed large data sets to determine the latest web-based threats and security trends.  While investigating low-lying threats that were increasing at odd rates in 2009, Landesman’s analytic skills enabled her to discover the Gumblar malware, one of the most significant web threats of 2009 and 2010, before it appeared on anyone else’s radar.  In 2013, Landesman was responsible for rooting out the Darkleech malware, which tampers with websites hosted on Apache servers, thereby uncovering a worldwide network of compromised hosting provider servers that were controlled remotely via this malware.

As senior manager of the Microsoft Anti-Malware Research and Response Team, Landesman created the first annual Microsoft Security Intelligence Report. Based on data from more than a billion systems worldwide and some of the busiest online services, it is generally regarded as the most comprehensive threat intelligence report in the industry for providing data and insights on malware, exploits, and vulnerabilities.

“We are thrilled to have Mary join the Norse team and are excited at the opportunity to bring her expertise and experience to bear on analyzing the huge volumes of threat data we receive every day to tease out the details that can help our customers hone in on the threats that are relevant to them,” said Brian Contos, chief security strategist at Norse. “Today, the volume of new malware we see in an hour is an order of magnitude greater than what we used to see in a year.  It’s no longer about the malware; it’s about the activities, the actions and their impact.  With Mary’s help, we are confident that Norse will maintain its leadership in threat intelligence.”

In addition to security research and data analytics, Landesman has published a multitude of security-focused articles in a variety of publications, including Virus Bulletin, Elsevier, PC World, and ZDNet. She has also presented at numerous conferences, including e-Crime Congress, Virus Bulletin Conference, the RSA Conference, and the Gartner Security Summit.

In 2009, 2010, and again in 2011, Landesman was awarded a Microsoft MVP award for her role in furthering consumer security. In 2010, Apollo Research declared her the most quoted security researcher for Internet malware and phishing and third most quoted for security overall.  In 2012, eWeek magazine listed Landesman as one of the “10 Women in Information Security that Everyone Should Know,” and in May 2014, Intelligent Defenselisted her as one of “3 Women Leading the Way in IT Security.”

About Norse

Norse is the leader in live attack intelligence. Norse delivers continuously-updated, demonstrably unique Internet and darknet intel that helps organizations block attacks that other systems miss. Norse products tightly integrate with popular SIEM, IPS, and next-generation firewall products to dramatically improve the performance, catch rate, and security return on investment of existing infrastructures. The Norse DarkMatter network processes hundreds of terabytes daily and computes over 1,500 distinct risk factors, live, for millions of IP addresses every day. These DarkMatter databases are curated by a highly trained team of professional cyber- and human-intelligence analysts to deliver the superior attack intelligence our customers demand. For more information, visit

Patrick Corman
Corman Communications, LLC

650-465-5973 (mobile)