Blue Coat Labs

Labs Team

Andrew Brandt

Director of Threat Research
Andrew is a former investigative reporter turned malware analyst. At Blue Coat, Brandt uses his knowledge about the behavior of malicious software to profile identifiable characteristics of undesirable or criminal activity. Chronicled on the company's blog, his analysis techniques seek to identify the perpetrators of cybercrime, as well as to determine general principles that can help analysts and defenders rapidly and comprehensively identify the root cause of infection and data loss, putting real-time network data analysis at the front line of prevention.

Jonathan Camp

Principal Engineer, Platform Architect
Jonathan hails from 60 degrees north. As a bit-twiddler at Blue Coat's Norway office, he leverages his 16 years of industry experience to oversee the technical development of Blue Coat's Malware Analysis Appliance. Previously he worked for the U.S. Department of Energy as a reverse engineer, helping to develop several software-defined radio products. Jonathan is an avid technologist and is currently researching various interaction methods for petabyte-scale malware collection and analysis systems.

Jonathan Dinerstein

Senior Research Scientist

Dr. Jonathan Dinerstein holds a Ph.D. in Computer Science.  His specialties include artificial intelligence, machine learning, data mining, big data, and high-performance software.


Snorre Fagerland

Sr. Principal Security Researcher
Snorre has worked with computer security issues for almost two decades. He was the first dedicated computer virus analyst at the Norwegian antivirus vendor Norman, and had in that role participated in the detection and mitigation efforts against most major malware problems to date. Currently, he advises on development of new technology and oversees maintenance of detection rules for the Malware Analysis Appliance. Snorre’s research has been mentioned in publications such as Forbes, The Economist, and The Wall Street Journal.

Øystein Fladby

Team Leader, Threat Research and Response
Øystein has been a reverse engineer, a developer, a project manager and a team leader within the field of malware analysis and threat research since 2005. He has designed and engineered automated systems to monitor and automatically add detection on the daily influx of new malware samples. Currently, Øystein leads an international threat research and response team out of the Blue Coat office in Norway.


Waylon Grange

Senior Threat Researcher
Waylon is an experienced reverse engineer, developer, and digital forensics examiner. He holds a graduate degree in Information Security from Johns Hopkins University, and has worked numerous computer incident investigations spanning the globe. Prior to Blue Coat Systems, he worked for the Department of Defense performing vulnerability research, software development, and Computer Network Operations.

Lars Haukli

Senior Security Researcher
Lars Haukli holds an M.Sc. in Information Security from the Norwegian University of Science and Technology, and has been reverse engineering malware professionally since 2007. He designs and develops anti-malware technology, and is especially fascinated by obscure low level code and kernel mode rootkits. The primary source of inspiration for his work is the malicious code itself, as he realized a long time ago that many of the techniques used by malware authors may be used for both good and bad.

Tim van der Horst

Senior Threat Researcher
Tim creates real-time and background processes to identify web-based threats. Currently, his research focuses on the identification and tracking of malnets, i.e., the infrastructure created by the Bad Guys to host malware and drive traffic (via search engine poisoning, spam, social networking, etc.) to their sites. He holds a Ph.D. in Computer Science from Brigham Young University.

Chris Larsen

Architect, WebPulse Threat Research Team
Chris (@bc_malware_guy) leads the WebPulse section of the Labs at Blue Coat Systems. This team monitors Web traffic logs for enterprise, government, small business, and home users around the world, looking for traces of malicious activity. He's been writing code for almost 3 decades, and Blue Coat's blog for the last several years -- which you should follow, since reading about malware is more fun than cleaning it off of your network. He used to play World of Warcraft with his sons, but cancelled his account years ago, since it's more fun to fight real Bad Guys.

Patrik Runald

Vice President of Research
Patrik has worked with security issues and malware for close to two decades. He started his career at F-Secure where he, among other things, developed their first automatic signature update system. In 2008 he joined Websense in San Diego, CA to lead their security research efforts where his team developed several major technologies including ThreatScope, a cloud-based sandbox solution. In 2013 he joined Norman Shark to lead the US engineering team focused on developing malware analysis systems and joined Blue Coat in 2014 as part of an acquisition. Today Patrik is the VP of Research and oversees the organization tasked with protecting Blue Coat's customer base from Internet borne threats.