The latest cybersecurity trends, best practices, security vulnerabilities, and more
Meet Fred House
Senior Director, Product Detection and Research
By Michael Alicea · July 12, 2022
At Trellix, we celebrate and champion our people. For a long time now, I’ve been looking forward to connecting with Fred House, a Senior Director at Trellix Threat Labs and a consummate and “driven” expert in how many of our products identify and detect cybersecurity attacks.
MICHAEL: Fred, although we have spent lots of time working on business issues it’s great to get to know the real Fred House! Finally.
FRED: Thanks, Michael. I understand you want to know all my deepest, darkest secrets so you can write a blog about them and tell the world.
MICHAEL: Well, you heard right. (Laughing). That’s pretty much it. On my side, I was surprised that you and I were conversing in Spanish and you were quite fluent. Now, I have heard through the grape vine that you found your way to Trellix and information security via Buenos Aires (that explains the Spanish) and falling in love with a French woman a few years ago?
FRED: Oui, Michel. (Also laughing) Guilty as charged.
MICHAEL: Ok. So, tell me!
“What’s my team do? We live and breathe the intense process of making sure our products excel at finding evil. There’s a real opportunity here. What’s exciting is Trellix is actually going to execute on building the next great thing in the industry.”
FRED: Well, that’s actually a good place to start. After graduating from Virginia Tech with a degree in computer engineering, I moved to Northern Virginia and worked there for about 10 years before having what I jokingly refer to as my pre-midlife crisis. I was kinda climbing the corporate…
MICHAEL: Hold on Fred. You just crashed through about 10 years of your life in four words. Was that intentional? There are a lot of our folks that seem to live in Northern Virginia at one point in their career and we never really get to find out what they did there.
FRED: (Laughing). That’s the point! We keep secrets; we don’t tell them. (Laughing again) In all seriousness, that first phase of work in my career was in hindsight well, a little boring! I did a ton of systems integration work for large government agencies. It was technically challenging, but not very inspiring compared to what we’re doing now.
MICHAEL: Got it. Take us back to Buenos Aires. Por favor.
FRED: Well, I had great opportunities if I stayed put in Virginia. But I wanted more for my life. I wanted to travel and learn other languages. I wanted to do something crazy. So, I resigned from my job and bought a one-way ticket to Argentina. To Buenos Aires. I moved there without knowing a single person.
MICHAEL: Why that particular country, and city?
FRED: My stepfather had been there in the ‘70s with the U.S. military and had always talked about it as the “Paris of South America.” He painted a picture of this place as amazing and mysterious. Before I left, I did a little research and found an American IT company with an office down there looking for an American to serve as a liaison. I took a 75% pay cut, but that didn't matter to me because it wasn't the point of it all.
MICHAEL: Where did you live?
FRED: I ended up living with two French guys with whom I became very close. One of them introduced me to a French woman I ended up marrying. She finished her masters in 2009, and we moved to the Middle East for her work.
MICHAEL: The Middle East?
FRED: Yes. Dubai. I ended up with a job over there in what's called computer network operations, which is the offensive side of computer security. That’s how I ultimately transitioned from computer engineering to infosec.
MICHAEL: Got it. What happened next?
FRED: Three years later, my wife and I relocated again, this time to New York City. We just decided it was time to go back closer to home. One of my buddies gave me some advice, ‘Since you’ve been doing work on the offense side, think about learning what’s it’s like to play defense.’ And so that's how I ended up joining Mandiant. For the next two years, I worked as an Incident Responder on some of the most exciting breaches of the time. But, because I am an engineer at heart, I was always trying to find the next tool I could write to make things more efficient.
MICHAEL: Now I’m seeing how your personal story starts to connect with what you do now at Trellix. Actually, since I’m reminding myself that blogs like these help “younger Fred Houses” learn from your choices to make their own decisions about their careers, I think what you just described is sort of your niche, or “special sauce”. Would you agree?
FRED: Yes. I would say that, at this stage of my career, I’m benefiting from the choices I made at the outset. I think you’re asking about what differentiates me here at Trellix. I would say it’s my years of field work. Conducting investigations to understand attackers and their methodologies. I didn’t plan it that way when I was younger, but in retrospect that experience has probably been the biggest factor driving my success at FireEye and now Trellix, as we go forward.
MICHAEL: Now: stop being Fred House for a moment. If I asked your colleagues what your greatest strength was, what would they say?
FRED: I’ve been told by a few folks that they appreciate that I'm technical. I bring three things to the table: practitioner experience, incident response and software engineering.
MICHAEL: Ok. Tell me what that means.
FRED: Ok. If I'm in a meeting with folks talking about how our products are going to detect something, you can't really bluff me. I understand the technical side very well and then, because of my experience working on the offensive and defensive side of computer security, I know the tools and the techniques. A lot of times you get engineers who set out to write code to do something, but they don't have enough context around how what they’re building will be used. They don’t understand the broader ecosystem.
MICHAEL: Great explanation. We all make career choices. Some of those are by intention. Others are by accident – or circumstance. In the end, my hope for all of us at Trellix is that each one of us personally finds passion in our work. For me in HR “living security” – at least internally – also means “living our best life in security.” So, what I love about your story is that you took a chance, stepped outside the box, left your country, found your partner, brought a highly differentiated skillset to Trellix and launched the next half century of your life. Not to mention your empathy for your team members.
FRED: (Laughing). Wow. I will use that as my next elevator pitch!
MICHAEL: (Also laughing). I still haven’t asked you about your current position. What’s your role here?
FRED: I’m a senior director. I manage multiple teams passionate about detection. We live and breathe the intense process of making sure our products excel at finding “evil.” I spend most of my time focusing on our endpoint and secops products. I also manage an engineering team that hyperfocuses on innovation – researching new ways of detecting malicious activity and building new capabilities at scale, some of which overlap and replace each other, faster than we can get them to market. One of our greatest successes recently was around detecting and investigating lateral movement. That’s my world – and my work – at Trellix right now.
MICHAEL: How do you relax and “check out”?
FRED: Well, music has always been a passion of mine.
MICHAEL: Great. Which bands?
FRED: Phish, Jamiroquai, Dave Matthews Band, Steely Dan, Outkast. I'm all over the place. I listened to a lot of hip hop growing up as well too, so I still have a I still have a place in my heart for it.
MICHAEL: When you look back on your career today, what are you most proud of? Can you pick a moment?
FRED: Yes, I think so. When you get involved in these investigations where you’re kicking out the bad guy, so to speak, those tend to be very rewarding. We had an investigation years ago where the attacker tried to encrypt dozens and dozens of systems and basically destroy the customer’s environment. Based on a bug in the malware they used, we created a tool that helped the customer to recover virtually all of these. I’ll never forget the customers’s gratitude. My teams wake up every morning for that kind of success.
MICHAEL: I can imagine. In fact, It’s not hard to imagine how you can be energized by that.
FRED: Now that I’m thinking about your question – there’s also the Solar Winds breach that happened at FireEye. I supported that internally. Working on something which ultimately led to disclosing Russian involvement in a massive supply chain compromise, that’s extremely fulfilling. I mean, in my line of work, that's almost a dream opportunity.
MICHAEL: Does that Solar Winds color how you view current events?
FRED: Yep, absolutely. The more recent example is the Russia Ukraine invasion. And nationally, there is collaboration from our strategy counterparts in government that I haven't seen in the past. In our space, cybersecurity, when you steal an adversary’s weapon, you don't tell everybody about it, right? You keep it in this industry, you keep it, you reuse it.
U.S. government agencies are sharing a lot more than they might have in the past. They’re saying: “Hey, listen, all we care about right now is trying to stop this situation and we're gonna give away all this stuff, these malware tools and information.” I'm a recipient of some of that information. I turn around to our product teams and say, “Hey, guys, here are these artifacts and other things we just received. Let’s go. Let’s make sure our products protect against these.” In a work sense, I live for that.
MICHAEL: What's it like to work at Trellix? What's the culture like?
FRED: Well, it's crazy right now. We’re building something new. It’s like a startup because we have to solve problems others haven’t or can’t. Bryan, our CEO, has made made it really clear what our mission’s about, and what our focus needs to be going forward and he's looking for his teams to execute. So, for me, just speaking personally, there’s a real opportunity here. What’s exciting is Trellix is actually going to execute on building the next “great thing” in the industry.
Nov 28, 2023
Board Support Remains Critical as Majority of CISOs Experience Repeat Cyber Attacks
Nov 27, 2023
Trellix Announces Cybersecurity Generative AI Innovations Powered by Amazon Bedrock
Nov 22, 2023
Trellix Hosts Zero Trust Strategy Virtual Forum
Nov 16, 2023
Trellix Detects Collaboration by Cybercriminals and Nation-States
Oct 30, 2023
Trellix Hosts Actionable Ransomware Detection and Response Virtual Showcase
The latest from our newsroom
By Brian B. Brown · October 16, 2023
Get a recap of key learnings from the Ransomware Detection and Response Virtual Summit and learn to protect your organization against ransomware attacks.
By Nico Devoti · October 9, 2023
Trellix SIA Business Development lead explains the evolution of Trellix Security Innovation Alliance (SIA) partner program, its unique benefits, and why this should be top of mind for customers.
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.