CTO 2.0: Maiffret Rejoins BeyondTrust

Hacker-turned-entrepreneur Marc Maiffret reflects on his past few years embedded with enterprise security teams and how it has shaped his security view.

One of the security industrys pioneers recently celebrated a homecoming of sorts: Marc Maiffret last month returned to his post as chief technology officer (CTO) at privileged access management vendor BeyondTrust after a six-year hiatus from the limelight of the security industry.
Maiffret, whose vulnerability management startup
eEye Digital Security was acquired by BeyondTrust
in 2012, left BeyondTrust three years later to take a break, do some backpacking, and figure out his next move. He was soon also caring for both of his parents, who had been diagnosed with dementia.
After a brief stint as CISO at SpaceX, he has mostly kept a low profile in the industry, working as a security consultant embedded in the security operations teams at some large organizations in healthcare, finance, and space.
Maiffret had a rather abrupt start to his security career. In 1998 at the age of 17, he
infamously got a literal wakeup call
for his hacking activities when he awoke to find an FBI agent holding a gun to his head. He was never charged or arrested for anything, but agents confiscated his computer equipment. The then-teen hacker known as Chameleon in the Rhino9 hacker group says he and his hacking cohorts mostly just built tools and wrote papers about their work — activities that were fairly typical at the time for a generation of burgeoning white-hat hackers.
Just a few weeks after his encounter with the FBI, Maiffret teamed up with Firas Bushnaq to found eEye Digital Security, whose flagship product Retina Network Scanner was based on tools Maiffret had written in his teen hacker days. In 2001, Maiffret and fellow researchers at eEye discovered the first major Microsoft Windows worm, Code Red, which they named after the cherry-flavored Mountain Dew soft drink they pounded all night as they picked apart the game-changing worm.

Clear-Eyed
His shift from security vendor to the enterprise perspective was — no pun intended — eye-opening. The last few years have been both rewarding and a lot of learning, he says. Its easy when youve been on the product side building security and technology ... to become a little detached from what customers are really facing and what their challenges really are.
Many of his enterprise clients were experiencing a common problem with their security postures: What was impressed upon me was the lack of security [technology] tailored to a business and an organization, he says. That impressed a lot upon me how like a vendor we can definitely do what we can with our solutions to be smarter in how we tailor them to the companies. ... Its more than one-size-fits-all.
Maiffret expects to be the glue between engineering and product management at BeyondTrust, he explains. One of his priorities will be ensuring the vendors platform works well with other security technologies. Many security products just dont work well together today, he says.
I think its important for security companies to have empathy more than anything else, and to me that is earned through action. The last few years embedding with various security teams was that and more for me, and Im excited to put that into what I do next at BeyondTrust, he says. Maybe a bit less brash than I was when I started down this path 23 years ago, but still happy to fight for the things that matter and call bullshit when needed.
In the meantime, Maiffrets already diving back into his roots: security research. You cant take the nerd out of me, he says. Its core to my being.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
CTO 2.0: Maiffret Rejoins BeyondTrust