Cambrian Security, Explosion What?

Wed, Jun 21, 2017

The registrations are complete. We have email. The new website is online. We are open for business. This is the first blog post. It is “Day 1” at Cambrian Security.[1] You are probably asking what we plan to do and how we plan to do it. Here is the answer.

First, lets set the context. People have estimated we are (or will be) shorthanded by more than 1 million cyber security professionals.[2] Others forecast there will be over 20 billion devices online by 2020. There are already over 8 billion Internet connected devices.[3]

We are in the middle of another “Cambrian Explosion”. The first one, 500 million years ago, spawned the core genetic toolkit for almost every living animal today. What we are seeing now in the Internet world is similar. We are witnessing a large increase in device diversity with the so called “Internet of Things” (IoT) boom. Networks are not the generally homogeneous monoculture they once were.[4] Security foundations and precepts are changing.

There is opportunity to apply “Cambrian Intelligence” and “the new AI” to cybersecurity (offense and defense).[5] Just like in the Cambrian period, worms and other autonomous robots are gaining new behaviors and capabilities. Defenders are evolving as well. Automated response capabilities are advancing with our ability to build “infrastructure as code”. It is getting easier to build more defensible, highly dynamic networks/systems - with containers, with sandboxes, with security enclaves, with specialized hardware, with honeypots - strategically designed for security. Google currently starts up over 2 billion containers per week.[6] Their BeyondCorp enterprise security model is innovative and appealing, others will soon do business the same way.[7]

There is a lot of work to be done. It is a tremendously exciting time to play a position in infosec. Cambrian Security will be here to bring you skills, experience, research, talent, creativity and specialized tools to help your red team and your blue team play the proper game.[8]


[1] “Jeff Bezos On Why It’s Always Day 1”,


[3] “Gartner, Inc. forecasts that 8.4 billion connected things will be in use worldwide in 2017, up 31 percent from 2016, and will reach 20.4 billion by 2020.”,

[4] “CyberInsecurity: The Cost of Monopoly; How the Dominance of Microsoft’s Products Poses a Risk to Security”,

[5] Rodney Brooks (1999), Cambrian Intelligence: The Early History of the New AI, MIT Press, ISBN 0-262-52263-2;

[6] “From Gmail to YouTube to Search, everything at Google runs in containers. Containerization allows our development teams to move fast, deploy software efficiently, and operate at an unprecedented scale. Each week, we start over two billion containers. “,

[7] “BeyondCorp is used by most Googlers every day, to provide user and device based authentication and authorization for Googles core infrastructure.”,

[8] “a friendly reminder to beat the attacker at his or her own game, not play yourself and declare yourself the winner”,