Cатсн²² (in)sесuяitу / ChrisJohnRiley
Because we're damned if we do, and we're damned if we don't!
Name ::: Chris John Riley
Nationality ::: British
Location ::: Zürich/Valencia
Profession ::: Penetration Tester / Security Analyst / Security Researcher
Short Bio ::: I’m just this guy you know!
A little history ::: I’ve been working in IT full-time since around 1996. During this time I’ve worked in a variety security and non-security roles, as well as performing some special project work and security research both professionally and privately. Like most people, I fell into security work while working at a previous employer. After diving into vulnerability scanning and some simple IDS work, the technical side of security really began to interested me more and more. I’d always been security conscious and into hacking (in the more traditional sense of the word). After a while of doing security on the side, I decided to re-focus my career away from support/operations with a side-helping of IDS/Vulnerability testing, and into a full-time job in security. Not an easy transition, but worth every penny, and every hour spent learning and re-learning what I thought I knew. Nothing makes you learn a technology like trying to break / protect it!
Since starting this journey into security I’ve had the good fortune to meet a lot of interesting people and learn a lot of new and interesting things I never thought possible before. In my spare time, alongside trying to squeeze in the odd blog post here and there, I’m a co-host of the Eurotrash Security Podcast where I’m the one that says ummm and errr far too often!
Feel free to leave feedback, or send me an message using the contact form below.
Please note ::: WordPress’ contact form likes to eat spam for breakfast. This unfortunately means a lot of non-spam gets chewed up and spat out too to /dev/null. If you don’t get a reply within a few days, just send it again…. or I just didn’t find your message interesting enough… who knows 😉
The information in this blog is provided “AS IS” with no warranties, and confers no rights. Any opinions expressed in this blog are mine and do not represent the thoughts, intentions, plans or strategies of any employer, past, present or future.
I make no guarantees over the quality, quantity, or common sense of any of my posts here. If you find anything posted here mildly interesting, please feel free to leave a comment. No, I do not pay for comments (although I do offer prizes for the funniest one!), do not want to add a link to your site, don’t want adverts, and I don’ want to buy your service/product. You’ve been warned
hey just googlin 4 ceh exam center came across ur page.
Was surfing through some sites and found your reply on one of them. Sounds interesting, but coming to India for ECSA , CEH and MCSE..is strange for me.
Well, I agree with your views for CEH, but security starts from within. I am also looking for security jobs in India. I was working as Information security officer and we had implemented ISO 270001 in our organisation.There is cultivated interest and digged further….still learning new things.. dedicate yourself …you will find a job…think,eat and live “security” and you will find it…
Job is like a child, take care of it and it will take care of you.
nice article in 1/09 hakin9 🙂
how did you get your GPEN cert? selfstudy? proctored exam?
would be nice hearing from you!
i’m from lower austria too 🙂
Thanks, to be honest it was something quick I threw together. So glad it came over well. The GPEN, like all of the SANS certs, really should be studied through a SANS course (live training, Self Study, or using the SANS@home series). You have the option to study from your own material and then challenge the exam, however this is tricky to get right, as the topics covered in the GPEN can be very specific. I personally attended a course in Amsterdam and then followed it up with a proctored exam. You get 2 practice tests before the real one, so enough time to prepare. To be honest the exam itself isn’t that hard if you know your stuff and have good organisational skills. As the SANS exams are open book you can have material with you to reference. That said, there isn’t enough time to look up all the answers, so you still have to know whats what. The SANS courses aren’t cheap. My tip, if your company won’t cover the costs, is to try for the work and learn scheme (checkout the SANS website for info). It’s not easy to get in, but if you do it’s a great way to learn. The basics are, you work at a SANS event helping them setup/packup, as well as helping in-class with paperwork, problems etc…. for that you get a 6 day course for $700 which is a huge discount. It’s hard work, but worth every penny in my opinion.
All my respect for a professional.