Long thread time: So most of you know me (Brad) from my grsecurity/Linux work, which had previously been done in my free time. Only a few people (other than those that followed a particular github account) know of my non-free-time work for the past 14 years.
Since I started working in 2005, I always wanted to make sure I would never be in a situation where I would learn about something that I wouldn't be able to then fix in grsecurity, so this ruled out working for most security companies. Linux defensive work...
would also pose a conflict of interest, so anything related to that was out. Instead, for the past 14 years, my day job has been Windows malware analysis/reverse engineering for various employers. I'm very proud of the work I accomplished in that space, just as much...
as my grsecurity work,even if no one publicly knew about it. You probably know we have a small company based out of Lancaster, PA for grsecurity, and it has recently gotten to the size to support my full-time development efforts. So today was my last day with my previous employer
and not really the start, but the expanding of a lot of interesting work to come. We are in the process of expanding our ranks (if you're in the Lancaster, PA area) and will at some point begin offering additional services that we had to turn away previously due to lack of time.
This will also mean I will finally after 18 years actually have free time, so I'm looking forward to that as well 🙂
So my skills in Windows kernel development/deobfuscation/code-devirtualization/unpacking/APT/malware analysis/reverse engineering/sandbox development don't completely shrivel up, I'd be interested in exploring some small projects related to that once we bring more people on board
Before I forget, none of this would be possible without our great customers -- I really enjoy solving difficult problems, so being able to provide quick and detailed support to really friendly and professional customers doesn't get much better for me. We aim to overdeliver 🙂