_
Bookmark Page
Security Pals
Here are a few security sites I visit from time to time that are operated by friends and/or former colleagues:
Security Pals
Here are a few security sites I visit from time to time that are operated by friends and/or former colleagues:
About Me - Stefan Frei
Good engineering involves thinking about how things can be made to work; the security professional mindset involves thinking about how things can be made to fail. Hi, I’m Stefan Frei and I’ve been in IT and security since the late 1980s. I've been paid to break in to the largest and best known organizations around the world for the last decade and worked for one of the world’s best known penetration testing security R&D divisions. Along the way I gathered a mixture of skills in software development, pentesting, security research, and consulting for both technical and management audiences. Currently I work as senior resercher and lecturer at ETH Zurich where I study the security ecosystem and investigate cybercrime operations and defense. I wanted to combine my practical experience from ISS X-force with academic research - knowing that we need interdisciplinary solutions to today’s security challenges. As a helicopter and fixed wing pilot I am well prepared to look ahead and think out of the box. I have been a frequent speaker and contributor at BlackHat, DefCon, and other security conferences. You can follow my publications at http://www.techzoom.net/publications or check out my blog http://blog.techzoom.net. Some of my research is frequently covered by the international media, I collected some pointers here.Education
- MSc. electrical engineering from the Federal Institute of Technology of Zurich (ETH Zurich) (1995)
- Master thesis at the école nationale supérieure des télécomunications (ENST) in Paris, France (1995)
- MAS master of advanced studies in Management, Technology and Economics from the management department of ETH Zurich (MAS MTEC) (2007)
- Ph.D. (Dr. sc. ETH) for the thesis "Vulnerability Econometrics - Dynamics of (In)Security", (2009)
Work Experience
- Senior Security Consultant - ISS X-Force, London/Zurich, (4 Years)
- Scoping, proposing, and R&D of security assessment services.
- Successful participation and technical lead in acquisition, delivery and execution of high profile, cutting edge attack-based consultancy services – ranging from classic penetration testing, through to advanced Web application security assessments throughout EMEA.
- Analysis, evaluation, explanation, and education of cyber security threats to customers at technical and all management levels.
- Software Developer/Owner - Zurich, (5 Years)
- Perform all functions related to operating small business.
- Successful development and deployment of customer's secure eBusiness Web applications and payment gateways.
Related Activities, Contracting
- From 1997 to 2009 I worked as a part time instructor for Swiss Aviation Training, teaching flight performance and computer technology for future airline pilots.
- University lecturer for Networking Security at ETH Zürich, usually during the winter term.
- Since I rejoined ETH I executed several security assessment assignments as a contractor, mainly in the Finance and Chemical industry.