Breaking the Cycle: A Future-Ready, Prevention-First Approach to Cybersecurity with Michael Gorelik 

In a recent episode of the BlueHat Podcast, hosted by Nic Fillingham and Wendy Zenone, Morphisec’s CTO and Founder, Michael Gorelik, shared insights into his 20+ years of experience in cybersecurity, his team’s groundbreaking research, and the cutting-edge technology driving ransomware prevention. The conversation spanned everything from vulnerability research to the philosophy behind Morphisec’s prevention-first approach. Here’s a summary of the key takeaways from the episode: 

1. The Race Against Cyber Adversaries 

During the discussion, Michael emphasized the constant race between researchers and attackers. Adversaries are always innovating, leveraging disclosed vulnerabilities, and exploiting incomplete patches. To counter this, Morphisec conducts in-depth research, starting with disclosed vulnerabilities and proof-of-concept (PoC) exploits, to identify overlooked weaknesses and ensure patches are truly effective. 

Michael explained how his team investigates patches, often finding incomplete fixes that leave organizations exposed. For example, his team has identified multiple bypasses for vulnerabilities in Microsoft products, such as Microsoft Outlook and Office 365, through rigorous reverse engineering and stress testing of patches. This “race condition” highlights the importance of staying ahead of attackers by continuously improving defenses. 

2. Breaking the Cat-and-Mouse Cycle 

The core philosophy behind Morphisec’s Automated Moving Target Defense (AMTD) technology is to break the endless cycle between attackers and defenders. Instead of relying solely on detection and response, Morphisec focuses on prevention by making attack surfaces unpredictable. This approach introduces polymorphism, dynamically changing how endpoints appear to attackers, rendering their exploits ineffective. 

Michael described this as shifting the burden—from defenders reacting to attackers, to attackers being forced to adapt to an ever-changing environment. This concept inspired the name Morphisec, derived from the word “morphing,” representing constant change in the attack surface. 

3. Collaboration with the Security Community 

Michael and his team are deeply embedded in the global cybersecurity community, frequently contributing to events like DEF CON and BlueHat. He shared how Morphisec’s research team has been recognized as top contributors to Microsoft’s MSRC program, submitting critical vulnerabilities that have led to improved security for millions of users. 

One notable example was their work on Microsoft Outlook vulnerabilities, where they discovered that incomplete fixes allowed attackers to bypass safeguards by exploiting simple oversights, such as trailing slashes in file paths. This iterative process of identifying, disclosing, and patching vulnerabilities underscores the importance of collaboration between researchers and vendors. 

4. The Zero Day Quest and the Future of Vulnerability Research 

Michael also discussed Morphisec’s participation in Microsoft’s Zero Day Quest, an invite-only hacking competition for the world’s top security researchers. As one of the top contributors to Microsoft’s vulnerability research program, Morphisec was automatically invited to the event. Michael highlighted the importance of competitions like Zero Day Quest, which foster innovation and push researchers to uncover new attack vectors. 

Looking ahead, Michael and his team plan to expand their focus to cloud-based attack surfaces, including SharePoint and AI-driven systems, as these represent the next frontier in cybersecurity. 

5. Advice for Aspiring Cybersecurity Researchers 

When asked for advice for aspiring researchers, Michael stressed the importance of curiosity, persistence, and embracing failure. He encouraged newcomers to start with existing PoCs, experiment with them, and learn by doing. “The first few years are about failing,” he said. “The more you fail, the more you learn. By the third or fourth year, you’ll start succeeding because of those failures.” 

His message was clear: Passion and perseverance are the keys to success in cybersecurity. Michael also highlighted the importance of taking risks and jumping on opportunities to explore different areas of security until finding a niche you’re passionate about. 

6. Morphisec’s Mission: Prevention-First Security 

Throughout the podcast, Michael reiterated Morphisec’s mission to stop ransomware and advanced threats before they can execute. By focusing on prevention, Morphisec reduces the need for reactive measures like incident response and minimizes the impact of cyberattacks. This prevention-first mindset, combined with innovative technologies like AMTD, ensures that organizations can stay ahead of even the most sophisticated adversaries. 

Conclusion: A Future-Ready Approach to Cybersecurity 

The episode providesd a glimpse into the inner workings of Morphisec and its commitment to protecting organizations from evolving threats. With a focus on prevention, collaboration, and innovation, Morphisec is redefining how businesses approach cybersecurity.  

By combining advanced research, cutting-edge technology, and a relentless drive to outpace adversaries, Morphisec is helping organizations achieve what Michael Gorelik calls the ultimate goal: “Making attackers chase us instead of the other way around.” 

To learn more about Morphisec’s prevention-first solutions, visit Morphisec.com. 

Explore the full podcast episode on The BlueHat Podcast. 

About the author

Brad LaPorte

Chief Marketing Officer

Brad LaPorte is a seasoned cybersecurity expert and former military officer specializing in cybersecurity and military intelligence for the United States military and allied forces. With a distinguished career at Gartner as a top-rated research analyst, Brad was instrumental in establishing key industry categories such as Attack Surface Management (ASM), Extended Detection & Response (XDR), Digital Risk Protection (DRP), and the foundational elements of Continuous Threat Exposure Management (CTEM). His forward-thinking approach led to the inception of Secureworks’ MDR service and the EDR product Red Cloak—industry firsts. At IBM, he spearheaded the creation of the Endpoint Security Portfolio, as well as MDR, Vulnerability Management, Threat Intelligence, and Managed SIEM offerings, further solidifying his reputation as a visionary in cybersecurity solutions years ahead of its time.