Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

About me


Look at me all up in that throne looking casual :D

All bow to the king of bad pictures…

Name ::: Chris John Riley

Nationality ::: British

Location ::: Zürich/Valencia 

Profession ::: Penetration Tester / Security Analyst / Security Researcher

Short Bio ::: I’m just this guy you know!

A little history ::: I’ve been working in IT full-time since around 1996. During this time I’ve worked in a variety security and non-security roles, as well as performing some special project work and security research both professionally and privately. Like most people, I fell into security work while working at a previous employer. After diving into vulnerability scanning and some simple IDS work, the technical side of security really began to interested me more and more. I’d always been security conscious and into hacking (in the more traditional sense of the word). After a while of doing security on the side, I decided to re-focus my career away from support/operations with a side-helping of IDS/Vulnerability testing, and into a full-time job in security. Not an easy transition, but worth every penny, and every hour spent learning and re-learning what I thought I knew. Nothing makes you learn a technology like trying to break / protect it!

Since starting this journey into security I’ve had the good fortune to meet a lot of interesting people and learn a lot of new and interesting things I never thought possible before. In my spare time, alongside trying to squeeze in the odd blog post here and there, I’m a co-host of the Eurotrash Security Podcast where I’m the one that says ummm and errr far too often!

Feel free to leave feedback, or send me an message using the contact form below.

Please note ::: WordPress’ contact form likes to eat spam for breakfast. This unfortunately means a lot of non-spam gets chewed up and spat out too to /dev/null. If you don’t get a reply within a few days, just send it again…. or I just didn’t find your message interesting enough… who knows 😉

Standard Disclaimer

The information in this blog is provided “AS IS” with no warranties, and confers no rights. Any opinions expressed in this blog are mine and do not represent the thoughts, intentions, plans or strategies of any employer, past, present or future.

I make no guarantees over the quality, quantity, or common sense of any of my posts here. If you find anything posted here mildly interesting, please feel free to leave a comment. No, I do not pay for comments (although I do offer prizes for the funniest one!), do not want to add a link to your site, don’t want adverts, and I don’ want to buy your service/product. You’ve been warned

10 responses to “About me

  1. atul jha November 16, 2007 at 22:26

    hey just googlin 4 ceh exam center came across ur page.


  2. Kaushal December 15, 2007 at 06:04


    Was surfing through some sites and found your reply on one of them. Sounds interesting, but coming to India for ECSA , CEH and MCSE..is strange for me.
    Well, I agree with your views for CEH, but security starts from within. I am also looking for security jobs in India. I was working as Information security officer and we had implemented ISO 270001 in our organisation.There is cultivated interest and digged further….still learning new things.. dedicate yourself …you will find a job…think,eat and live “security” and you will find it…

    Job is like a child, take care of it and it will take care of you.



  3. Michael Schratt January 8, 2009 at 22:05


    nice article in 1/09 hakin9 🙂
    how did you get your GPEN cert? selfstudy? proctored exam?

    would be nice hearing from you!
    i’m from lower austria too 🙂

    BR Michi

  4. Chris Riley January 9, 2009 at 12:06

    Thanks, to be honest it was something quick I threw together. So glad it came over well. The GPEN, like all of the SANS certs, really should be studied through a SANS course (live training, Self Study, or using the SANS@home series). You have the option to study from your own material and then challenge the exam, however this is tricky to get right, as the topics covered in the GPEN can be very specific. I personally attended a course in Amsterdam and then followed it up with a proctored exam. You get 2 practice tests before the real one, so enough time to prepare. To be honest the exam itself isn’t that hard if you know your stuff and have good organisational skills. As the SANS exams are open book you can have material with you to reference. That said, there isn’t enough time to look up all the answers, so you still have to know whats what. The SANS courses aren’t cheap. My tip, if your company won’t cover the costs, is to try for the work and learn scheme (checkout the SANS website for info). It’s not easy to get in, but if you do it’s a great way to learn. The basics are, you work at a SANS event helping them setup/packup, as well as helping in-class with paperwork, problems etc…. for that you get a 6 day course for $700 which is a huge discount. It’s hard work, but worth every penny in my opinion.

  5. Serbanescu Sorin July 23, 2009 at 16:24

    All my respect for a professional.
    –Best regards

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: