Preview Mode Links will not work in preview mode

Oct 27, 2014

In this episode

  • Chris attempts to explain the consternation with 'security research' right now
  • Kevin gives his perspective and why he doesn't quite understand why people don't see they're "breakin' the law"
  • Shawn discusses what parts of the CFAA he would like to see reformed
  • James drops the question - "What is a security researcher?" ..and rants a little
  • Kevin talks about why the security industry needs to self-regulate w/example
  • Chris and Kevin debate intent, and "stepping over the line"
  • Chris brings up the issue of bug intake at a large company
  • Spirited discussion about intent, regulation, actions and separating emotion from facts


  • Chris John Riley - ( @ChrisJohnRiley ) - Chris John Riley is a senior penetration tester and part-time security researcher working in the Austrian financial sector. With over 15 years of experience in various aspects of Information Technology, Chris now focuses full time on Information Security with an eye for the often overlooked edge-case scenario. Chris is one of the founding members of the PTES (Penetration Testing Execution Standard), regular conference attendee, avid blogger/podcaster ( /, as well as being a frequent contributor to the open-source Metasploit project and generally getting in trouble in some way or another. When not working to break one technology or another, Chris enjoys long walks in the woods, candle light dinners and talking far too much on the Eurotrash Security podcast.
  • Shawn Tuma - ( @ShawnETuma ) - Shawn is an attorney with expertise in computer fraud, social media law, data security, intellectual property, privacy, and litigation. He's a Texan, Christian, family man, author & speaker - and an all-around awesome guy.
  • Kevin Johnson - ( @SecureIdeas ) - Kevin is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub.