Not long before Tom Bossert was pushed out of his role last year as the White House's top cybersecurity official, a public remark he made at the World Economic Forum in Davos, Switzerland, raised eyebrows. Bossert wanted, he said, to introduce policies that would let the US government "get our hands around the necks" of the enemy hackers who cost the US billions of dollars every year. Reporters, and some fellow officials, took the comment a little too literally; after the talk, Bossert found himself explaining that he didn't mean actual, physical violence.

Today, however, Bossert is in business for himself, pitching an approach that's almost as aggressive, if somewhat more subtle: getting his hands around the network communications of enemy hackers, and using that choke point to inflict confusion, cost, and (figurative) pain.

After a year largely out of public view, Bossert today revealed his role as cofounder of a startup called Trinity, along with CEO Steve Ryan, a former deputy director of the NSA's Threat Operations Center, and Marie "Neill" Sciarrone, a former BAE Systems exec who served as a cybersecurity adviser to George W. Bush. Backed by $23 million in investment led by Intel Capital, Trinity offers what Bossert describes as a "third way" between traditional cyberdefense and private-sector "hacking back" to play offense.

Instead, Trinity will offer its customers a service that Bossert describes as "active threat interference." It will, essentially, place itself between a company's network and the hackers targeting it, monitoring all incoming and outgoing traffic for signs of foul play. When it finds malicious activity, Trinity promises not merely to alert the customer to the attempted intrusion or block it, but instead to alter it, messing with the hackers' tools—and their minds.

The result, Bossert says, will give hackers a taste of the frustrations and uncertainties that have long plagued defenders. "If we don’t change the equation to something that actually stops and prevents and imposes cost on the adversary, we’re not going to get in front of the problem," says Bossert. "It’s flat-out, I’m-pissed-off time to do it."

Hacking Hacks, Not Hacking Back

Trinity's tricks, the founders claim, include meddling with the authentication between a hacker's command-and-control server and his or her malware, so that the malicious code mysteriously breaks. They can swap the data a hacker steals on its way out of the network, so that it appears valid but can't be read or executed. They can intercept a command sent to a malware implant and replace it with one that tells the malware to uninstall itself, or swap a response back from the malware to the server with one that tricks the server into beaconing out its location and revealing itself. All of this is intended to foil hackers without ever giving them clear feedback about why they're failing, turning even a simple operation into a drain on time and resources.

"We don’t need to hack the attacker. We need to hack their hack." Tom Bossert, Trinity

"If you’ve got a remote control that doesn’t work, you tap it, then you replace the batteries, then you bang it, then you turn the TV off and on. But you never stop to believe there's an adversary outside the window interfering with the beam between the remote and TV," says Ryan, who left the NSA two years ago to start work on Trinity before recruiting Bossert six months ago. "If you understand the methods and what makes them successful, you can quite literally reach in and make it not only unsuccessful, but make it even advantage the security team."

That sort of deception and manipulation, the Trinity founders argue, is an opportunity to upend the economics of both criminal and state-sponsored hacking: Intruders can simply try one intrusion method after another until they find one that works, with little penalty for those that don't. But if every intrusion attempt ends in frustration, the offensive advantage in cybersecurity might be blunted, says Trinity president Sciarrone. "When you turn the problem around and focus on the adversaries instead of all the points in your network, the math works for you a little better," she says.