Two seasoned cybersecurity professionals are introducing a new venture with the mission to bolster the defenses of Apple’s ecosystem. This startup, known as DoubleYou, springs from the minds of Patrick Wardle and Mikhail Sosonkin, former National Security Agency operative and Apple security expert, respectively.
Wardle, who has an extensive background in both offensive and defensive security research, especially in the realm of Apple macOS, has been actively creating free security tools for macOS through his Objective-See Foundation. Sosonkin, also deeply experienced in offensive cybersecurity, brings his expertise from his tenure at Apple. The duo sees themselves as a perfect match, with Wardle as the visionary and Sosonkin as the exceptional software engineer poised to materialize these visions.
The rationale behind DoubleYou is the recognition that, while the popularity of Mac computers surges in the workplace, the availability of robust security products for macOS and iPhones has not kept pace. This shortage of advanced protective measures leaves Apple devices increasingly vulnerable to cyber attacks. Wardle and Sosonkin attribute this gap to a scarcity of skilled macOS and iOS security researchers, which hinders the development of comprehensive security solutions.
By adopting a strategy akin to that of offensive hackers, DoubleYou plans to offer modular defensive tools. This approach, which is reminiscent of offensive security companies that provide full exploit chains or individual components, is meant to democratize security from the defensive perspective. DoubleYou envisions licensing individual capabilities to other companies, allowing them to integrate these into their own security products.
The co-founders have yet to finalize their suite of modules but are certain that their offerings will include essential components such as process analysis to detect and block unverified code, and monitoring of DNS network traffic to identify malware communications. While these features will be tailored primarily for macOS, the founders also aim to develop tools that pinpoint persistent software, detect cryptocurrency miners and ransomware by their behavior, and monitor permissions for webcam and microphone access.
Describing their business model as an ‘off-the-shelf catalog,’ DoubleYou enables clients to select the necessary components for their security infrastructure. This methodology, which Wardle compares to supplying car parts rather than assembling the entire vehicle, has been previously employed in his creation of Objective-See tools such as OverSight and KnockKnock.
Sosonkin emphasizes that the venture’s success hinges not on novel technology but on the strategic deployment of existing tools. Currently, the founding duo has decided against external funding, preferring to maintain independence and avoid the pressure to scale precipitously, which could detract from their focus on technological development.
Despite the challenges, they remain optimistic, driven by a desire to thwart malware and, ideally, to profit from their efforts in the process.