In this series of posts we’re introducing staff members at Secure Ideas to give you a quick glimpse into our lives. In the third post of this small series, we look at a recent addition to the consultant team.
The goal of these posts is for you to learn more about us. So reach out to us via email or twitter. We’d love to get to know you.
Who am I:
Nathan Sweaney, Senior Security Consultant at Secure Ideas.
What do I do at Secure Ideas:
As the newest member of the team, I get a wide range of projects. On the consultant team I participate in both internal and external penetration tests. These engagements are attack-based such as network, web, wireless, or mobile tests, as well as more defensive architecture reviews. Internally I’m also getting more involved in managing our systems and supporting our cloud-based vulnerability assessment service, MySecurityScanner.com
What is my security background in a nutshell:
Like most the Secure Ideas staff, I come from a background of development and system administration. I started out as a programmer that often got handed the role of security testing deliverables because of my natural inclinations. I moved into system administration in the point-of-sale industry while PCI was becoming a critical issue, so I have gained a lot of experience finding the balance between security and compliance initiatives. Over the years I have moved steadily towards the offensive side of security while accumulating my GPEN, GWAPT, and GAWN certifications.
What is my favorite attack:
For me the most exciting type of attack is one that the client says isn’t possible. The thrill of a seemingly insurmountable challenge drives me to push harder and think further outside the box. The solution to these problems isn’t only technical, it’s about finding the gap between what the client thinks is happening, and what is really happening. Growing up I was the kid that looked at critics and said, “You wanna bet?”
What am I learning about now:
I’ve been finding opportunities to experiment more with PowerShell. I’m a firm believer that people learn best by doing, so I look for problems that could be solved in PowerShell and then figure it out. I’m also reading Metasploit: The Penetration Tester’s Guide which is, without question, the best guide to Metasploit from basic to advanced functionality.
Nathan Sweaney is a Senior Security Consultant with Secure Ideas. If you are in need of a penetration test or other security consulting services you can contact him at firstname.lastname@example.org or visit the Secure Ideas – Professionally Evil
site for services provided.