
Sources: Security Firm Norse Corp. Imploding - dsr12
http://krebsonsecurity.com/2016/01/sources-security-firm-norse-corp-imploding/
======
MichaelBurge
"Those sources say the company’s investors have told employees that they can
show up for work on Monday but that there is no guarantee they will get paid
if they do."

Is that even legal?

~~~
hueving
To tell people not to come in because there is no money?

------
meowface
Didn't exactly call this in particular, but an old comment of mine about how
many serious infosec professionals had a very low opinion of Norse:
[https://news.ycombinator.com/item?id=9855582](https://news.ycombinator.com/item?id=9855582)

Definitely not surprised.

~~~
rdl
A lot of infosec professionals have the same opinion of the "threat
intelligence" pile-on overall.

Norse had some amazing engineers working on their appliance, way before demand
in any way justified that level of investment. Fortunately most of them have
already found new jobs.

~~~
meowface
True, the threat intelligence industry is a mess and reminds me a little of
early tech startups in the last bubble. It's a response to breach hysteria.

Threat intel is a good idea in theory. As more and more threat intel companies
start being filtered and shutdown (and I'm sure 80% or more will), there'll
probably be a few left that provide some real value to security programs.
Until then, it's just going to be 90% marketing.

------
rasz_pl
Remember a wave of personal firewall products around 2005?
zonealarm/norton/mcafee all had those sexy "security" popups/notifications
about IP x.x.x.x HAXORING you with ICMP packet.

This is what Norse offers, but repackaged for clueless executives instead.

~~~
spydum
BlackICE defender was hot stuff for my NT4 clusters.

------
samlinkl
This is pretty amazing. At least as implied by the article, this isn't just
mis-management of the company, this is serious misconduct.

------
dguido
Anyone that knew anything about security knew that Norse was full of it. Norse
is a shining example of how little information most people have about the
security products and services they buy. It's all marketing, and it leads to
more snake oil than not.

~~~
harshsec
Let's not forget when Norse named a fictional person named "Lena" as the
person who perpetrated the Sony hack in 2014 based on "Open-Source analysis"
of the leaks.

[http://gawker.com/researcher-sony-hack-was-likely-an-
inside-...](http://gawker.com/researcher-sony-hack-was-likely-an-inside-job-
by-a-wom-1676556756)

------
efoto
Doing serious due diligence when joining a startup is always a good advise.

~~~
alex_anglin
From the fine article: "The data scientist said she vetted Norse’s founders
prior to joining the firm, but that it wasn’t until she was fired at the
beginning of 2016 that she started doing deeper research into the company’s
founders.

“I realized that, oh crap, I think this is a scam,” Landesman said. “They’re
trying to draw this out and tap into whatever the buzzwords du jour there are,
and have a product that’s going to meet that and suck in new investors.”"

I guess the lesson is that even serious due diligence isn't a guarantee.

~~~
jonesb6
For many people "serious due diligence" is a Google search.

Relationships between people, even business ones, are based on trust. You'll
rarely know if someone deserves your trust by the time you have to give it to
them, so it's more important to realize whats actually going on then to be
lulled into a false sense of security for how you think someone is.

It amazes me that in so many of these stories the people who got hurt, usually
employees or investors, will just stand around afterwards with their hands in
their pockets saying how smart the perpetrators are and how they were fooled.
It isn't that this particular situation has no guarantees, it's that their are
few to no guarantees in life (especially when money is changing hands).

~~~
efoto
When I mentioned "serious due diligence" I didn't mean Google search. I should
have spelled it out. When a founder is neither a well-known person nor someone
you know personally very well, the answer is a background check done by a
professional.

Of course there is no guarantee, I'm talking about being prudent and improving
your odds.

Finally, I personally know how it feels being employed by a startup founded by
a con artist.

------
droopybuns
my only insight into Norse's shadiness is it's low class tweet stream:
[https://twitter.com/norsecorp/status/497487387245547521](https://twitter.com/norsecorp/status/497487387245547521)

~~~
rdl
What problem do you have with them paying people for wearing their vendor swag
around a conference full of buyers? $100/h is cheap in the scheme of Black Hat
promotions, too.

I love their knit hats. I wonder if I can buy a case of them from Solarflare.

