As many readers will already know, Hack Chat is SentinelOne’s very own podcast series with Marco Figueroa and leaders from the world of infosec. If you’ve yet to catch on, Hack Chat is now in Season 2, and Marco’s guests have included such security celebs as H.D. Moore and Chris Nickerson. You can catch up on earlier episodes of Hack Chat from both Season 1 and Season 2 here.
S02 E05: Prepare to Meet Pedram Amini
In episode 5 of Season 2, Marco interviews Pedram Amini, a world renowned expert in fuzzing and hacking. Pedram has presented a variety of research at different conferences such as BlackHat, DefCon, Microsoft Bluehat, and Virus Bulletin to name a few. He’s also taught numerous sold-out courses on reverse engineering.
In this episode, Marco and Pedram dive deep into finding bugs, fuzzing and how Pedram started ZDI. Pedram takes us through the mindset of bootstrapping companies and what it takes to make them successful.
How Did You Get Into Reverse Engineering?
“From a young age, I’ve always been into puzzles, you know, and at some point I had gotten my hands on a laptop in the early years in high school. And as a matter of necessity, just to get access to the software, I picked up a copy of Soft Ice and I started cracking protection codes. And I found that that process actually of reverse engineering to crack those codes was more fun than any puzzles I’ve ever done. And so really, the debugger and the compiler are the last puzzle I ever picked up.”
How Did You Get Your First Opportunity in Infosec?
”During my time at Tulane, Blackboard was just released. It’s pretty popular curriculum management software now, but it was just released and they were using at Tulane. I found a couple of different ways of hacking into a blackboard. And so I published those advisories on full disclosure and bug track, which were the two mediums for getting information out there at the time. And so Dave Endler working for a company called iDefense, looking to launch…you know, we talked about being Tulane alum and he happened to be coming to campus…And so the timing was perfect. We spoke and we hit it off and I ended up being the first hire.”
What Was Your First Startup?
It was a garage startup. The two of us put our entire life savings on the line and, you know, literally just got together every day and packed that thing into into fruition…we were playing this game where we would buy these vulnerabilities. We reported to the vendor, but also tell our subscribers about it. And then later there would be a public disclosure…We could purchase the vulnerability, informed the vendor, not tell anybody about how to exploit this thing, but put in defensive logic into our product…It was a win win across the board. You know, the vendors got something, we got something. And of course, the researchers got something out of it as well.
What Are You Doing Now?
I’ve got my fingers in a couple of different things; I have a couple of technical advisory roles and investor roles and companies like a tech IQ and gray noise, ex intelligence. And I’ve always been a friend of the family there and I sit on their advisory board as well. And so that’s one of the things that keeps my sanity right. I’ve got a foot in the offensive space till I get to surround myself with that kind of thinking. Those lateral thinkers are my favorite kinds of folks to to interact with.
And Pedram’s Dream?
“My dream would be to create a think tank so we could spin ideas into companies and I nerd out about creating. This is why I have these advisory roles at companies.”
But There’s So Much More: Check It Out!
There’s a whole lot more to learn and enjoy from joining Marco and Chris in the latest episode of Hack Chat. Be sure not to miss it and bookmark the Hack Chat web page.
Read more about Cyber Security
- 5 Questions to Consider Before Choosing the Right XDR Solution
- The Soul of SentinelOne: Our Values
- When Apple Admits macOS Malware Is A Problem – It’s Time To Take Notice
- SentinelOne is a Leader in the 2021 Gartner Magic Quadrant. Here’s Why.
- XDR Data Retention | Making Sure Your XDR Platform Outlasts Your Adversaries
- The Hunt For The Right Security Solution
- MITRE ATT&CK Engenuity: AI & Big Data Powered EDR > Human Powered Products
- Why XDR Vendors Must Build, Buy, and Partner
- Singularity XDR: One Platform to Revolutionize XDR