Growing up in his native Pakistan, Ashar Aziz ’81 idolized American inventors he read about. “Thomas Edison, Alexander Graham Bell—even fictional characters like Tony Stark,” he says, referring to the billionaire alter ego of Marvel Comics’ Iron Man. “They motivated me, even though they were not part of my environment growing up.” When he was 15, Aziz tried to patent a heating apparatus he’d invented that used magnetic induction, and called information to find the number for the patent office, only to find out it didn’t exist in Pakistan. “It dawned on me that maybe I was in the wrong country,” he laughs.
Aziz persevered, moving to Turkey to study computer engineering and applying twice to transfer to MIT before he was accepted. Even then he wouldn’t have been able to attend had he not received a scholarship. Now sitting in the lobby of MIT’s Koch Institute during a recent visit to campus, he bears a passing resemblance to Tony Stark, with a dark suit and fashionably long hair. He has the billionaire thing covered too; in September 2013, Aziz’s company FireEye went public, and within six months shares had quadrupled in value.
Before he took FireEye public, Aziz spent a decade fighting evildoers in the shadows in the high-stakes world of cybersecurity. FireEye’s technology helped defend companies and countries against hostile network attacks—a phenomenon that has achieved new visibility this past year with cyber-assaults on Home Depot, JPMorgan Chase, and Sony Pictures. Even the US Central Command saw its Twitter account hijacked in January.
“I effectively predicted this 10 years ago, and for a long time, people did not believe me or think this was a problem worth solving,” says Aziz. “I’m glad now I made the time, effort, and investment to develop the architecture to defend against these attacks.” Countries have been launching salvos against companies for years in order to acquire trade secrets and private information of customers.
Most software designed to protect against such attacks works the same way—by developing digital signatures of attackers and blocking them. “It’s like in the old days, you had Bonnie and Clyde robbing banks, and there were wanted posters everywhere with pictures of the bad guys, and eventually they were caught,” says Aziz. These days, however, the most sophisticated attackers are polymorphic, meaning they change the way they look over time.
“It’s as if Mystique is your bank robber,” says Aziz, in another Marvel Comics allusion to the X-Men villain who can change her shape to match any form. “Having a picture is not going to work.” Instead, FireEye uses a different technique, cloning a network environment and allowing an attacker to infiltrate it, and then observing what it does; if it starts attacking the system, the attacker is blocked before it is allowed into the main network.
“The real trick is to do this at speeds of gigabytes a second, in order to work for large banks and oil companies that have hundreds of attacks coming in,” says Aziz. “You have to find the needle in the haystack, and not come up with false alerts in the process.” Going public has given the company the financing to extend its software globally to a broader range of clients. “Our goal is to take this defensive architecture and make it available even to the smallest organization.”
Even before his company went public, Aziz returned the favor that allowed him to attend MIT by establishing two scholarship funds for incoming students, the Ashar Aziz Mens and Manus Scholarship Fund and the Ashar Aziz (1981) Presidential Fellowship Fund. “MIT gave me a generous gift to come to school here, and I felt if at some point in my life I could repay that debt of gratitude, I would do that,” he says. “My hope is that some of these students will do really well one day and they will return the favor and carry on the tradition and it will make a real difference in other people’s lives.”