Hackers, Pen Tests, and Security Research: A Conversation with Chris Rohlf

I spoke with Chris Rohlf, former head of Yahoo’s red team in New York and a thoughtful and respected voice in the security community. Chris has extensive experience as a pen tester, developer, engineer, and consultant for various organizations, including within the Department of Defense and on the Black Hat review board. We discuss how the government should bridge the gap with the security community, like the Defense Innovation Unit Experimental (DIUx) and the recent Hack the Pentagon bug bounty. We also talk about how organizations will grapple with the challenges presented by the Internet of Things, the “IoT”: the growing network of objects that sense and interact with each other. Chris offers useful advice for aspiring hackers, and three practical suggestions for how you can protect your own devices. Follow Chris on Twitter @chrisrohlf.