In May, the complex challenges facing today's Internet-dependent society prompted U.S. President Barack Obama to sound an alarm by announcing that America now requires a national chief of cybersecurity. Massive military risks and multibillion dollar economic stakes underscore ongoing needs to safeguard computer data and communication. From threats to national defense systems and electric power grids to thefts of information and money via networks serving government, businesses and households, society is under a constant barrage of attacks - all of which make the accomplishments of Martin Roesch '92 (ECE) increasingly significant.
The names of Roesch and Sourcefire Inc., the company he founded in 2001, have become synonymous with the highest level of innovative network security intelligence.
Customers include all branches of the U.S. military and most corporations in the Fortune 100. Sourcefire enables each client to manage and minimize risks through a powerful, adaptive layered network security system called 3D (Discover, Determine, Defend). The fast-growing company uniquely combines innovative open source software collaboration with supportive commercial products and customer service.
Roesch now lectures widely and his insights permeate the world's information security and open source communities. As chief technology officer (CTO) at Sourcefire, he remains responsible for its technical direction and product development.
Not bad for a self-described "geek" with "a salesman gene" who says that no matter what else he does, he'll never stop writing open source software because "it's just so much fun."
An early fascination with computers took Roesch from his hometown of Geneva, N.Y., to Clarkson, where engineering classes helped turn his innate curiosity into the springboard for a highly productive career. "One of the great things I learned was logical thinking. It's one thing to state a case forcefully," he says. "It's another to have unassailable logic behind it." Everything came together in his senior lab, he recalls, "which made me feel confident going out there and being a computer engineer in the field."
As it should have, judging by his subsequent success. Roesch was named one of eWeek's Top 100 Most Influential People in IT. He was also a finalist for Ernst and Young's 2008 Entrepreneur of the Year Award and was named Info World IT Heroes Innovator Award in 2004, while his Sourcefire RNA (Real-time Network Awareness) became one of just five products ever to receive NSS Gold recognition.
Roesch is best known for creating Snort, the world's most downloaded intrusion prevention system (IPS) and leading program in enterprise threat management (ETM), released a decade ago. Now the de facto industry standard with 3.7 million downloads and more than 227,000 registered users, it is the foundation of Sourcefire's 3D.
During his career, Roesch has personally developed a variety of network security tools and technologies, including honeypots (intruder lures), scanners and policy enforcement systems for organizations that range from GTE Internetworking to Stanford Telecommunications Inc. to the Department of Defense. He has been interviewed by multiple technology publications and by news services that include MSNBC, The Wall Street Journal, CNET, and ZDNet. Snort has been featured in Scientific American and on A&E's "Secret Places: Inside the FBI" and is the subject of more than a dozen books.
After he left Clarkson, Roesch learned about network security issues while working on contracts for the Defense Department. Over a weekend in 1998, he wrote a home computer traffic program on Linux software, released it free in the open source community, and Snort was born.
"I was amazed by how many people downloaded it," he recalls. "I had no idea it would so profoundly affect the information security industry or be the basis of thousands of other open source and commercial products."
What drew him to open source? A passion for the free flow of ideas. Reading The Cathedral and the Bazaar by Eric Raymond in the late 90's convinced him that "it was a better model than the proprietary method for development. It was more organic," he explains. "Security in open source is really based on the ‘many eyes' theory versus ‘security through obscurity.'"
After three years (and despite the tech market bust of 2000), Roesch saw an opportunity to combine the innovative energy of open source software development with commercial products. Taking a chance, he left his job at a California start-up, attracted four employees, and launched Sourcefire. His goal was simply to scale up Snort for large companies. But as he raised more than $54 million in venture capital funding, his horizons broadened. "Sourcefire is best known as a leader in intrusion prevention," he says, "but my real vision is for the company to be instrumental in transforming the way organizations manage and minimize their risks."
Sourcefire 3D can analyze security events in real time and enables automated, dynamic responses before, during and after an attack. Today it is utilized by 80 percent of Fortune 100 companies, 42 percent of the Global 500, U.S. government civilian agencies and military branches, and educational institutions around the world. With six patents awarded and 37 pending, the company has reshaped and bolstered most of the world's network defenses.
In 2007, Sourcefire made headlines when it went public (Nasdaq: FIRE) - the first security IPO since 2002 and the first since 1998 in open source. It also acquired ClamAV, the world's most commonly used open source anti-virus and anti-malware gateway product. Headquartered in Columbia, Maryland, Sourcefire has offices across the U.S. and in Latin America, Asia and Europe. An ongoing productive relationship with a large open source community also remains vital. "Your open source user base is your farm team," he explains. "You've got to do a really good job taking care of them. The combination of open source community projects with commercial value-adds such as extra functionality, support documentation, and so on is a win-win for all."
Roesch modestly attributes much of his success to being "in the right place at the right time with a broad view," though he notes that "fortune favors the prepared mind."
On a personal level, says Roesch, "I'm still largely the same guy I was at Clarkson - just a little more focused with a little more ambition."
Clarkson was also where he met his wife, Anna (Williams) '92 (ECE), herself a "very talented" engineer. They have four children. He believes that as a fellow professional, she particularly appreciates the complications involved in balancing home and career due to his demanding schedule. "A nice thing about having your own company," he points out, "is that when you're not traveling you can work a pretty flexible schedule."
The odds against Sourcefire's success were far greater than he initially appreciated, Roesch now recognizes. "On paper it looks like a really bad idea. It worked out because I was charmingly naïve and relentlessly optimistic. I thought I had an angle that would work." His take-away message for Clarkson students or other alumni with an entrepreneurial dream: "Go for it!"