Matt Watchinski, Vulnerability researcher, Sourcefire

By on
Matt Watchinski, Vulnerability researcher, Sourcefire

I’ve been penetration testing since I was about 15 years-old. I got interested in these things in the days of bulletin boards and the 1,200 baud modem when you had to figure out things for yourself or talk to others on the boards.

How have things changed?

People now look for projects to get involved in, instead of hacking things to get them working. There is a lot more interest in getting new features into open source software.

What do you like most about your job?

Naturally, with new features come new vulnerabilities. For example, people come up with new ways to shell code more efficiently.

You are involved with Snort, what is its future?

Snort will continue to be open source. Keeping it open keeps the community going. Without them, they'd be no Snort.

What annoys you?

Vulnerabilities being released on a Saturday night! I get paged that something nasty has happened and I just have to respond. Unfortunately, the bad guys don't work nine to five. It's annoying but it is also exhilarating. Zotob got big on a Saturday afternoon and I had to get all the guys out to verify all the variants in order to produce a signature.

Who has influenced you?

When I worked at Hiverworld (now nCircle), a guy called Patrick Heim ran the professional services team. He showed me how to apply my technical skills to the business world. Vance Moran helped me understand code and vulnerability analysis.

How do you describe your job to strangers?

A lot of people don't really understand what vulnerability research is. I try to explain what the vulnerability research team is and how it protects the internet. I then throw in words like virus and worm because people have heard of them and think they know what they mean.

Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?