today we would like to share with you another great interview. We've talked with Roelof Temmingh the founder of Paterva. Now you can read his answers about Maltego platform and gain informations you probably didn't know before. Enjoy !
[PenTest Magazine]: Just in case some of our readers are not familiar with Paterva Maltego, which they should be, could you introduce yourself and your company?
I am Roelof Temmingh the managing director and founder of Paterva. We make software called Maltego. Maltego is an exploratory link analysis platform. Out the box it comes with OSINT capabilities but it’s pretty flexible and can be used to visualise almost any type of data.
[PenTest Magazine]: Where did the name Paterva Maltego come from?
[RT]: ‘Paterva’ does not mean anything. It’s just a cool sounding name. Same with Maltego. At Paterva we make Maltego, we train on Maltego and from time to time we build solutions with Maltego. We don’t really do anything else. We’re a super small company located in South Africa.
[PM]: How did you came up with an idea of creating Maltego?
[RT]: Too many footprints and people profiling by hand! I wanted something that was generic enough to be expanded and applied to many types of data. After a bit of experimenting we settled on our current model and we’ve been expanding on features ever since.
[PM]: Did you had any difficulties while developing Maltego?
[RT]: None whatsoever - it has all been smooth sailing and our software is 100% bug free since the very first version. No...software development is difficult and expensive. It’s easy to do proof of concept stuff but taking it to production quality is a different ballgame. We’ve learned a lot about building software for everyone vs. building software for yourself.
[PM]: How does this platform work exactly?
[RT]: We take a piece of information (we call it an entity) and run a piece of code on it, that transforms it into another entity. That’s the core of it. Watch our ‘What is Maltego?’ video on Youtube ;)
[PM]: Basically your platform works on every system. Was versatility one of the main goals?
[RT]: Correct. It’s coded mainly in Java. It’s not as easy as just copying it to another system, but yes – that was the idea.
[PM]: Maltego is an open source tool. How do you feel about sharing your work with others?
[RT]: Maltego is not open source software. It’s an [open source intelligence] tool, not an [open source] intelligence tool. We get this a lot – and many people think it’s a marketing trick. I can assure you it’s not. Open source intelligence (OSINT) is very different to open source software. We do offer a free community edition – also bundled with the Kali Linux distro.
[PM]: What about feedback from users? Do you use it improve your platform or do you ignore it?
[RT]: We listen to our users but we’re also very aware that we can’t be everything to everyone. When deciding on what goes into a release we take care that the improvements will appeal to everyone.
[PM]: What are your biggest challenges today and how do you try to solve them?
[RT]: Prioritizing features. We argue a lot about what we want to do next. Every time we add a feature it has to work seamlessly with everything else we’ve developed up to now – so the more you add the longer time it takes to get it out the door.
[PM]: What's the future of the application?
[RT]: Next up (for the end of year) is large graph support. We’ve got a few tricks that we hope is going to allow us to support up to a million nodes. After that it’s feeders, protocol3, headless machines, graph stores…there’s a lot of room to grow and cool things to do.
[PM]: Can you tell us about trends that you see in administration of information? Are people aware of how important it is?
[RT]: Yes. It’s a slow move but I think people protect the boundaries of their personal information a lot better than 5 years ago. And they are more aware of where it resides.