“Corey and I worked together at both Microsoft and Parallels. He did such a fantastic job at both companies across a range of functions and products, and it has been great to see what he has gone on to accomplish at Rapid7 over the past several years. I highly recommend Corey.”
About
Builder and problem solver who loves working with others to create strong organizations.
Activity
-
When I talk with security leaders, something I often hear is that they’re chasing measurable impact. At Rapid7, our mission is to simplify access…
When I talk with security leaders, something I often hear is that they’re chasing measurable impact. At Rapid7, our mission is to simplify access…
Shared by Corey Thomas
-
Very honored and excited to be a part of the Decelerate crew! James Roycroft-Davis and I bonded awhile ago over a shared frustration (anger?) that…
Very honored and excited to be a part of the Decelerate crew! James Roycroft-Davis and I bonded awhile ago over a shared frustration (anger?) that…
Liked by Corey Thomas
-
"There's no 'there' there; there's only 'here' here." This truth hit me during a week of hiking in England's Lake District with poet David Whyte.…
"There's no 'there' there; there's only 'here' here." This truth hit me during a week of hiking in England's Lake District with poet David Whyte.…
Liked by Corey Thomas
Volunteer Experience
Patents
-
Methods and systems for testing and analyzing vulnerabilities of computing systems based on exploits of the vulnerabilities
Filed US US 20110191854 A1
A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities. The security tool can determine the risk level based on exploits associated with the vulnerabilities. The security tool can determine the risk level based on factors associated with the exploits such as whether an exploit exists, a rank of the exploit, a number of exploits that exist for the vulnerability, a difficulty to identify whether the exploit exists, and an effect of the…
A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities. The security tool can determine the risk level based on exploits associated with the vulnerabilities. The security tool can determine the risk level based on factors associated with the exploits such as whether an exploit exists, a rank of the exploit, a number of exploits that exist for the vulnerability, a difficulty to identify whether the exploit exists, and an effect of the exploit on the vulnerability. The security tool can a report identifying the vulnerabilities of the computing system, the exploits associated with the vulnerabilities, and the risk level of the vulnerabilities. The report can also include links to information about the exploits.
Other inventors -
Languages
-
Spanish
-
Recommendations received
4 people have recommended Corey
Join now to viewMore activity by Corey
-
I’m honored to share that I’ve joined DTCC as Chief Information Security Officer, leading first-line cybersecurity strategy and operations within the…
I’m honored to share that I’ve joined DTCC as Chief Information Security Officer, leading first-line cybersecurity strategy and operations within the…
Liked by Corey Thomas
-
Christina Luconi, the GOAT Chief People Officer in Boston, had the reward crowd glued to their seats with her brilliant session on Work-Life Harmony!…
Christina Luconi, the GOAT Chief People Officer in Boston, had the reward crowd glued to their seats with her brilliant session on Work-Life Harmony!…
Liked by Corey Thomas
-
Big news! Delighted to announce the launch of our new Rapid7 Intelligence Hub. Designed to address the challenges faced by security teams of…
Big news! Delighted to announce the launch of our new Rapid7 Intelligence Hub. Designed to address the challenges faced by security teams of…
Liked by Corey Thomas
-
Thrilled to introduce the Command Platform today: Rapid7's unified threat exposure, detection, and response platform. Get to know Exposure Command –…
Thrilled to introduce the Command Platform today: Rapid7's unified threat exposure, detection, and response platform. Get to know Exposure Command –…
Liked by Corey Thomas
Other similar profiles
Explore more posts
-
Scott Kannry
This past week Axio announced an incredible partnership with the Nasdaq Center for Board Excellence. In many respects, this is the culmination of everything that we’ve been building at Axio, designed to take the uncertainty and unknown out of cybersecurity for Boards. Simply put, we’re aiming to put cyber on the exact same plane as every other issue or risk that Boards of Directors and senior executives contend with. Meaning, that the Board can understand what the risk of cyber means to the company and effectively collaborate with the company as to what is being done to manage the risk. And just as importantly, have a clear vantage point on how the business can be impacted if something bad does happen, so that response and mitigation can be effective. That’s how the challenge of cybersecurity is ultimately solved. Not, as so many have thought throughout the years, by creating an impenetrable fortress, which always has and always will be impossible. After all, thousands of years of human ingenuity still has not solved the risk of fire! The inevitability of cyber events is no different than buildings burning down from time to time. 🔥 Instead, the challenge is solved by consistently having a clear understanding of the risk, making reasonable decisions to keep the risk managed, and by having a response plan should the risk still arise. Plain and simple this logic fulfills the “duty of care” test that underpins the core responsibility of Boards of Directors. In terms of what this partnership entails, Axio the Nasdaq Center for Board Excellence will be arming Boards with two key capabilities: 👉 Boardroom Cyber Talks: A monthly, on-demand video series featuring top cybersecurity experts unpacking essential topics and emerging threats. This series empowers board members to confidently participate in cyber discussions. 👉 Axio BoD Cyber Insights: A quarterly, Axio subscription-based report providing company-specific cyber exposure analysis. It translates technical risk into financial terms, helping boards align cyber strategy with overall enterprise risk priorities. Ultimately, we can’t and won’t guarantee that a company and Board that utilizes these resources won’t have an event. What we are confident about is that a company and Board that utilizes these resources will more easily understand and more effectively manage cyber than ever before, without the fear or uncertainty of what could come tomorrow. Duty of Care fulfilled for Cyber? ✅
27 Comments -
Michael Sikorski
Earlier this week, I had the opportunity to represent Palo Alto Networks at the Fordham Gabelli School of Business Annual ICCS conference, where I was honored to be on a panel on the "Typhoons" alongside the rockstars protecting our nation - the FBI’s Brett Leatherman and NSA’s Kristina Walter. Silverado Policy Accelerator’s Marc Raimondi was the moderator. Here are some highlights from my commentary: 🔸Untangling the Typhoon Web: Our industry is constantly working to clarify and formalize information around these complex threat actors. We all have our own visibility and attribution frameworks. It's a collaborative effort and one that is critical for driving consensus and clarity. We must and will get better here. 🔸 Rethink the SOC: Effective detection and response against these actors, and even financially motivated groups like Muddled Libra, requires a shift in the SOC to comprehensive telemetry, holistic, AI-powered detection, and end-to-end automation. They aren't using malware so many of the traditional ways of doing things doesn't work. You need to connect the dots fast. 🔸Beware of the IT Supply Chain: With the increasing trend of outsourcing IT support, helpdesks, and even more with AI, the IT supply chain presents a massive opportunity for the Typhoons. IT support organizations, while cost-effective for businesses, often have fewer security resources, higher risk for insider threats and are becoming the "keys to the kingdom" for many. My key takeaways? We need to evolve beyond just IOC sharing and focus on specific and measurable outcomes. After all, the Typhoons and even cybercriminal groups like Muddled Libra don't have malware hashes to share at all. Collaboration, especially when it comes to the Typhoons, is crucial in defending against these persistent and evolving threats. No one organization – public or private – has full and complete visibility. We are stronger when we work together. We must keep pushing on this front together. Palo Alto Networks Unit 42 Eva Dudzik Mehlert Wendi Whitmore Sam Rubin Jason Healey Cyber Threat Alliance
9 Comments -
Anuj Goel
Today marks a significant milestone in our journey toward building a truly AI-native threat intelligence ecosystem with the launch of the Cyware Model Context Protocol (MCP) Server. This open-source capability securely connects LLMs with Cyware’s platform, allowing security analysts to use natural language to automate investigations, orchestrate complex workflows, and take decisive actions directly and securely through the LLMs. 🔗 Learn more: https://buff.ly/J4KDAbX The #MCPServer supports Cyware’s goal of enabling smarter, #AI-powered threat intelligence operationalization. As a key component of Cyware Quarterback AI, it helps power contextual, end-to-end threat intelligence-driven response workflows across the threat lifecycle. Our focus remains on applying practical and responsible AI to improve how organizations manage and act on cyber threat intelligence in real time. We will be showcasing the MCP Server this week at #BlackHat USA 2025, Booth 5819. If you are attending, connect with our team and explore the latest advancements in #cyberthreatintelligence.
7 Comments -
Nirav Shah
From Unknown to Under Control: The New Era of FortiRecon Platform We’re thrilled to announce major enhancements to FortiRecon, transforming it into one of the industry’s most comprehensive solutions aligned with the Continuous Threat Exposure Management (CTEM) framework. The latest release delivers: 1. Expanded internal attack surface monitoring 2. Comprehensive Brand Protection 3. Adversary-centric dark web intelligence 4. Integrated security orchestration 5. All of the above in single unified platform ! We’re also proud that FortiRecon has been recognized as an Overall Leader in the KuppingerCole Leadership Compass for Attack Surface Management 2025. With these enhancements, FortiRecon gives organizations an attacker’s-eye view of both internal and external exposures—powered by AI-driven threat intelligence from FortiGuard Labs, real-world validation, and automated response. This helps security teams cut through the noise, focus on what matters most, and measurably reduce risks before attackers can strike. I also sat down with our CISO Dr Carl Windsor to talk about CTEM and our innovations that help organizations move from “Unknown to Under Control”—giving them the visibility and focus they need to stay ahead of threats. Press release : https://lnkd.in/d_9ebpDu KuppingerCole Leadership Compass Report : https://lnkd.in/d8RG_BeB Learn more about our innovations : https://lnkd.in/dviAuHWp #CTEM #SOC #FortiRecon #Innovations
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top contentOthers named Corey Thomas in United States
-
Corey Thomas
-
Corey Mathison
-
Corey Thomas
-
Corey Thomas
Executive Director of Information Services at Blue Learning
537 others named Corey Thomas in United States are on LinkedIn
See others named Corey Thomas