Services provided by Finalto are only available to professional clients and eligible counterparties.

Group

Contact

Gal Kapanawa May 2026

During this time, Kapanawa also developed a personal rule he called the "Two-Sweat Rule" : If a system requires more than two minutes of manual intervention to recover from a breach, it is fundamentally flawed. This principle drives his later work in automated incident response. In 2017, after a near-fatal car accident in Virginia that many in the infosec community (only half-jokingly) attribute to a nation-state's attempt to silence him, Gal Kapanawa re-emerged. He founded a new company, Resonant Security , and released the Phoenix Protocol .

Critics called it dangerous. Proponents called it visionary. In 2019, a major ransomware gang using a variant of Ryuk penetrated a healthcare network protected by Phoenix Protocol. The gang spent three days encrypting fake patient records while the actual hospital ran normally on the cloned backup. The gang did not get paid. posted a single tweet after the incident: "Sometimes you don't fight the fire. You starve it of oxygen." Philosophy: The Ethics of Active Defense What sets Gal Kapanawa apart from other cybersecurity gurus is his unflinching stance on active defense. He famously refuses to call it "hacking back." In his 2020 keynote at Black Hat (his first and only public keynote), he stated: Gal Kapanawa

The product was initially dismissed as "too paranoid" by mainstream IT departments. But in late 2007, a sophisticated attack targeting three major European banks was silently thwarted by the Kernel hours before it could exfiltrate data. The banks couldn't discuss the attack publicly, but word spread through the security underground. had just predicted the rise of fileless malware years before it became a common threat. The Shadow Years: Government Consulting Between 2010 and 2016, public mentions of Gal Kapanawa vanished. His LinkedIn was deleted. His academic papers were removed from public databases. According to later leaks from the Edward Snowden documents (though his name is redacted in most releases), Kapanawa was recruited by a "Five Eyes" partner to design a cross-domain solution for air-gapped networks. During this time, Kapanawa also developed a personal

His big break came in the early 2000s. The world was grappling with the rise of widespread worms like Code Red and Nimda. While the industry focused on reactive antivirus definitions, argued for a radical premise: Assume breach. Trust nothing. Verify everything. This was the seed of what would later become the Zero Trust framework. The "Kapanawa Kernel" and the 2007 Breakthrough By 2005, Kapanawa had moved into the private sector, joining a then-obscure cybersecurity firm named Sillan Cybernetics . The company gave him a small team and a mandate to "build something unbreakable." He founded a new company, Resonant Security ,

But who is Gal Kapanawa? Depending on who you ask, the answer changes. To some, he is the genius who predicted the zero-trust architecture movement a decade before it became industry standard. To others, he is a ghost—a former intelligence operator who built some of the most resilient encryption protocols currently protecting global financial transactions. This article dives deep into the career, philosophy, and lasting impact of , a figure who redefined what it means to be a defender in the digital age. The Formative Years: From Mathematician to Operator Born in Tel Aviv in the late 1970s, Gal Kapanawa showed an early aptitude for pattern recognition and abstract mathematics. Unlike many of his peers who gravitated toward the flashy world of software development, Kapanawa was obsessed with vulnerability —not just in code, but in human systems.