Senior Cybersecurity Engineer
Michael Esposito is a senior cybersecurity engineer for The MITRE Corporation. Michael develops cyber analytics and techniques for hunting external and internal threats. During his years with MITRE’s Insider Threat Capability, Michael has used his cybersecurity subject matter expertise and experience to explore and implement new ways of characterizing and detecting malicious insiders’ search, collection, and exfiltration cyber activities using a variety of host-based and network-based sensors. Michael was the technical sensors lead on the first remote-working and insider threat behavioral experiment, which identified a large collection of novel, non-obvious cyber indicators of malicious search, collection, and exfiltration of data from a live corporate network by employees – and the evasion strategies underlying those indicators. That study was the first exploration of malicious insiders’ exfiltration patterns, identifying unique, creative threat vectors for data exfiltration by malicious insiders and how these differ from employees sending data off-network as part of their job. He also works on projects to assess the effectiveness of security operations centers. Michael holds a bachelor’s degree in computer science and a master’s degree in cybersecurity in computer science from The George Washington University.