Jonathan Cran

Sources: CYBR.SEC.Media — From Threat Intel to VulnOps (May 2026).

Who

Founder of Mallory, a startup building what he describes as an “intelligence-driven security operations platform.” Surfaced on the wiki via the CYBR.SEC.Media May 2026 feature article that frames Mallory’s positioning around the VulnOps category — fusion of threat intelligence and vulnerability management into a single agent-augmented function.

Relevance to This Wiki

Cran is the wiki’s load-bearing source for several specific structural framings of the agentic-SOC end state:

• “Un-silo the information so that it can be brought into the context window for the agent to be able to operationalize it” — the root-cause framing of why SOC automation built on conventional silos plateaus.
• VulnOps as CTI + vuln-management fusion — the second independent sourced framing of the VulnOps term on the wiki (paired with the Mythos-ready briefing’s discovery-and-remediation framing).
• “Threads, not cases” — every investigation as a collaborative analyst-agent thread rather than artifacts-in / reports-out case management.
• “Monitor mode” — the SOC end-state framing where teams hand off as much as possible to agents and shift to supervision.
• CISO as “router and trusted source of information” — role evolution from incident commander to translation layer between AI-enabled operational teams and business leaders.

Adjacent / Open

• Background, prior affiliations, and publication history pending primary-source confirmation. Treat as seed page.
• Mallory’s GA timeline and architecture — explicitly pre-GA per the source article; Black Hat targeted for full demonstration.