The Evolution of Pen Testing: A Conversation with Tim Medin

The Evolution of Pen Testing: A Conversation with Tim Medin

07/20/2023 | Phillip Wylie |

About The Guest:
Tim Medin is the CEO and founder of Red Siege, a pen testing firm that specializes in offensive security. With over 15 years of experience in the field, Tim is also a lead author of the enterprise penetration testing course for the SANS Institute. He is known for his expertise in kerberoasting and has a background in electrical engineering.

Summary:
Tim Medin, CEO and founder of Red Siege, joins the podcast to discuss his background in pen testing and the evolution of the industry. He shares his experience with the Dallas Hackers Association and talks about his infamous talk on IoT hacking using a Bluetooth-enabled doll. Tim emphasizes the importance of pursuing what interests you in the field of cybersecurity and offers advice for aspiring offensive security professionals. He also addresses the question of whether AI will replace pen testers and highlights the value of manual testing in identifying complex security issues. The episode concludes with a discussion on Red Siege's recent acquisition of 40 North and the expansion of their services and training offerings.

Key Takeaways:

  • Tim Medin emphasizes the importance of pursuing what interests you in the field of cybersecurity.
  • Offensive security professionals should focus on specific areas of interest and seek out resources and communities to learn and grow.
  • AI is not yet capable of replacing pen testers, as manual testing is still necessary to identify complex security issues.
  • Red Siege's acquisition of 40 North expands their services and training offerings, providing additional expertise and resources to their clients.

Quotes:

  • “Pick the thing that's interesting to you. Pick the technology that you've got some experience with at work, with test systems, whatever it might be, and dig into that.” – Tim Medin
  • “The more specific the question, the better answer you're going to get and the more likely you are to get an answer.” – Tim Medin
  • “AI is great at processing large quantities of data, and if you can get that across many different organizations, we can really start to build some of these better profiles.” – Tim Medin

Tim and Red Siege social media and website:

https://www.linkedin.com/in/timmedin/

https://twitter.com/TimMedin

https://redsiege.com/

https://www.linkedin.com/company/redsiege/

https://twitter.com/RedSiege

Podcast: Play in new window | Download