Jump to content


From Wikipedia, the free encyclopedia

ATstake, Inc. (stylized as @stake) was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures (Tom Crotty, Sunil Dhaliwal, and Scott Tobin) and Ted Julian. Its initial core team of technologists included Dan Geer (Chief Technical Officer) and the east coast security team from Cambridge Technology Partners (including Dave Goldsmith). Its initial core team of executives included Christopher Darby (Chief Executive Officer), James T. Mobley (Chief Operating Officer), and Christina Luconi (Chief People Officer).


In January 2000, Atstake acquired L0pht Heavy Industries (who were known for their many hacker employees), bringing on Mudge as its Vice President of Research and Development. Its domain name was atstake.com.[1] In July 2000, Atstake acquired Cerberus Information Security Limited of London, England, from David and Mark Litchfield and Robert Stein-Rostaing, to be their launchpad into Europe, the Middle East and Africa.[2] Atstake was subsequently acquired by Symantec in 2004.[3]

In addition to Dan Geer and Mudge, Atstake employed many famous security experts including Dildog, Window Snyder, Dave Aitel, Katie Moussouris, David Litchfield, Mark Kriegsman, Mike Schiffman, the grugq, Chris Wysopal, Alex Stamos, Cris Thomas, and Joe Grand.[4][5][6]

In September 2000, an Atstake recruiter contacted Mark Abene to recruit him for a security consultant position. The recruiter was apparently unaware of his past felony conviction since Atstake had a policy of not hiring convicted hackers. Mark was informed by a company representative that Atstake could not hire him, saying: "We ran a background check." This caused some debate regarding the role of convicted hackers working in the security business.

Atstake was primarily a consulting company, but also offered information security training through the Atstake academy, and created a number of software security tools:

  • LC 3, LC 4 and LC 5 were versions of a password auditing and recovery tool also known as L0phtCrack
  • WebProxy was a security testing tool for Web applications
  • SmartRisk Analyzer was an application security analysis tool
  • The @stake Sleuth Kit (TASK) was an open source digital forensics tool (now called The Sleuth Kit).

Symantec later stopped selling LC5 to new customers citing US Government export regulations, and discontinued support in December 2006.[7] In January 2009, L0phtCrack was acquired by the original authors from Symantec; L0phtCrack 6 was announced at the SOURCE Boston Conference on March 11, 2009.[8] The technology underlying SmartRisk Analyzer was extended, and eventually brought to market by the Symantec spinoff Veracode.

Symantec announced its acquisition of Atstake on September 16, 2004,[9] and completed the transaction on October 9, 2004.[10]

Several members of Atstake left to form the computer security company "iSEC Partners"[11] in 2004. Former Atstake academy instructors Rob Cheyne and Paul Hinkle later formed the information security training company "Safelight Security Advisors"[12] in 2007. The remaining portion of the Atstake consulting group continues to operate as the "Security Advisory Services"[13] team within Symantec's Security Business Practice.

After Atstake[edit]

Numerous Atstake employees pre and post the acquisition by Symantec started their own cyber security services companies, these included:

  • iSec Partners, US
  • ImmunitySec, US
  • Matasano, US
  • NGS Software, UK
  • Safelight Security Advisors, US
  • Leviathan Security, US
  • VSR, US

of these companies NCC Group latterly acquired:

  • NGS Software, UK
  • iSec Partners, US
  • Matasano, US
  • VSR, US

Atstake employees have also started their own cyber security product companies, including:

  • Arbor Networks, US (acquired by private equity firm Danaher)
  • Resilient Systems, US (acquired by IBM)
  • Veracode, US
  • GreatHorn, Inc (acquired by private equity)


  1. ^ "A disaster foretold — and ignored". Washington Post. June 22, 2015.
  2. ^ Bacon, Jono. "A Security CEO and Two Hackers on Building a Safer Internet, Powered by a Community of Hackers". Forbes. Retrieved 2020-04-15.
  3. ^ "Exclusive: Facebook ex-security chief: How 'hypertargeting' threatens democracy". finance.yahoo.com. 8 February 2019. Retrieved 2020-04-15.
  4. ^ Fisher, Dennis (6 March 2018). "'We Got to Be Cool About This': An Oral History of the L0pht, Part 1". Decipher. Duo Security. Retrieved 17 June 2018.
  5. ^ "Space Rogue". Forbes. US. 7 Feb 2000. Retrieved 18 Dec 2017.
  6. ^ Franceschi-Bicchierai, Lorenzo (2023-08-04). "Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices". TechCrunch. Retrieved 2023-08-05.
  7. ^ Leyden, John (2005-11-25). "Symantec refuses to sell audit tool outside the US". Archived from the original on 2023-02-01. Retrieved 2023-05-16.
  8. ^ "New version of L0phtcrack to be unveiled next week". Infosecurity Magazine. 2009-03-03. Retrieved 2009-05-29.
  9. ^ "Symantec press release, September 16, 2004". Archived from the original on 2005-12-12. Retrieved 2005-10-26.
  10. ^ "Symantec press release, October 9, 2004". Archived from the original on 2009-07-31. Retrieved 2018-09-07.
  11. ^ "www.nccgroup.trust/us/our-services/cyber-security/". www.nccgroup.trust. Retrieved 2018-04-02.
  12. ^ "Application Security Training and Assessments - Security Innovation". Archived from the original on 2014-08-13. Retrieved 2020-06-06.
  13. ^ Symantec.com Archived 2010-09-07 at the Wayback Machine

External links[edit]