Sergej Epp

Sources: Unprompted Conference March 2026 (speaker), Mythos-ready paper (cited as Zero Day Clock creator), zerodayclock.com.

Who

CISO, Sysdig. Surfaced on the wiki via two distinct contributions during the March 2026 Unprompted conference:

  1. The Zero Day Clock — empirical instrument visualizing the collapse of the median Time-to-Exploit from 771 days (2018) to zero-day by 2025 across CVE-exploit pairs (CISA KEV + VulnCheck KEV + XDB). The primary quantitative anchor for the “window-of-exposure collapse” argument across multiple theses.
  2. The 8 Minutes to Admin. We Caught it in the Wild talk — real AWS-admin-compromise case study reached in 8 minutes via stolen credentials, plus disclosure of EtherRAT, a fileless Node.js implant using Ethereum smart contracts for C2. The talk is documented on the Unprompted conference page with behavioral attribution methodology.

Relevance to This Wiki

Across the Zero Day Clock curve and the 8-minute admin concrete incident, Epp supplies both the empirical trend and the observed instance of Mythos-era TTE collapse. The two together are referenced in the Mythos-ready strategic briefing’s timeline and Risk Register.

Adjacent / Open

  • Biographical detail beyond “CISO, Sysdig” and the two cited contributions pending primary-source confirmation. Treat as seed page.