Job description: Infosec Ranger at Pwnie Express
When I learned that well-known hacker and conference speaker Jayson Street decided to join the Pwnie Express team, I knew this was the perfect time for an interview.
You’ve been highly independent, traveling the world on assignments for several years. What made you settle down to work for Pwnie Express?
The main thing that drew me to working with Pwnie Express was the team and their commitment to being part of the broader community. From the very beginning Pwnie Express’s founder Dave and his crew were always part of the community. They don’t just sponsor community conferences – they also give out their PWN devices for free. No matter how much they grow I know they will never forget their roots!
On a side note, a funny behind the scenes story on my introduction to the team: I was first approached by Dave at DerbyCon this year. He introduced me to Paul the CEO of Pwnie Express and we had a great conversation. Though later that night I met Paul again but this time I was in a bright yellow Minion onesie. Upon seeing him I sheepishly said to him, “So rethinking the idea of having me working with your team?” His response was to laugh and say, “Oh no, this confirms it – you’re a perfect fit.”
What will you be doing in your new role at Pwnie Express? What will be your key responsibilities?
One of the first things we discussed was the fact I’m a lousy sales person! I told them I’m good at telling people what I like and I really, really like the defensive solutions that Pwnie Express makes and the plans they have for the future! So as the Infosec Ranger for Pwnie Express I’ll be one of the voices for them (probably a loud one) talking about the importance of leveling the playing field against the attackers by providing organizations the tools to protect themselves.
The other responsibilities will be helping with keeping strong ties to the grassroots community, while at the same time build on their momentum in organizations to help to extend the outreach to corporations and blue teams on the new services being offered by Pwnie Express. The other thing is being able to still go on my own in the field and do Red Team engagements. They want me to keep my skills polished and know I can’t leave Pilgrim at Krypton Security alone as he’d miss me too much. So I’ll still be globe trotting and misbehaving, and now I’ll also be better equipped when I’m doing it. I will also help by using my experience as a solid blue teamer and purple teamer to give advice and provide insight whenever needed.
What lessons from the field are going to come in handy in your new position?
I think one of the main skills I bring is my ability to talk – a lot! Not only do I talk to the community, but I strive to reach outside of the community to help security executives and infosec teams understand what threats are out there and how we can help them!
If you take a look at the Pwnie Express product line, which product would you highlight?
Without a doubt it would be the Pwn Pulse. Honestly, it was one of the main reasons that drew me to the company. It truly gives companies a way to know all the rogue devices connected to their networks no matter how distributed or hard to reach their operation is. It is so exciting to be able to show the world how thinking like a Red Team member can help defend and better secure a company. To be truly successful in combating attackers, which is possible, a company has to stay a step ahead and anticipate their next move. This is what the Pwn Pulse allows companies to do.
Unlike Pwnie, most companies traditionally build their defenses without anticipating the way the attackers attack and this leaves them exposed. That is what is so awesome about what Pwnie Express is doing – they are bringing a useful and vital defensive tool, understanding the attackers mindset to give organizations the tools they need to thwart the bad guys! That really excites me because it will not only help companies be more secure but also is thrilling because it shows the importance of having your network defended by smart people who know how attackers may come at it.
I love that the good guys who understand the hackers are helping secure organizations and people know that it was these white hat hackers who created these amazing safeguards and are using their skills for the greater good!