Category: Threat Seeker
Name: Udi Yavo
Title: Co-founder and CTO
Company: enSilo
Why nominated: Udi Yavo is always on the hunt for vulnerabilities and works tirelessly to improve awareness of unknown flaws to better secure the internet, with notable discoveries including AtomBombing and ProcessDoppelganging.
Profile: When WannaCry hit on the heels of the ShadowBrokers' release of pilfered NSA Tools, the attack was no match for Udi Yavo's team, which successfully protected 100 percent of enSilo's customers, in large part because of Yavo's in-depth inspection of operating system instructions.
A seasoned threat hunter with more than 15 years of cybersecurity experience, Yavo not only discovered AtomBombing and ProcessDoppelganging, but also revealed the PsSetLoadImageNotifyRoutine bug in Windows systems – which he found during a routine research into the Windows kernel – as well as an open-source UNIX vulnerability (CVE-2017-2390) that attackers could exploit to change file system permissions on arbitrary files in macOS, among other exploits and vulnerabilities.
With Yavo at the helm, his research team has also sussed out stealthy hooking mechanisms that affected anti-virus, anti-exploitation, DLP and other security tools.
After spearheading the cybersecurity unit at the National Electronic Warfare Research & Simulation Center of Rafael Advanced Defense System, where he served as CTO, Yavo cofounded enSilo with CEO Roy Katmor.
What colleagues say: "[Udi is] a fully dedicated, technically driven, original thinker with the ability to discover the details of threats with intuitiveness… [He] continues to discover newfound threats integrated within the design of operating systems."
- Roy Katmor, CEO, enSilo