I'm co-founder of Casaba Security, one of the world's leading information and cybersecurity professional services firms formed in 2002. On the business side I work on recruiting, strategy, business development, sales and marketing. I enjoy building lasting relationships and working closely with my clients to build long-term, end-to-end information security programs, and delivering results to key stakeholders.
On the technical side I jump in the deep end with engineers and ops staff to design strategy and test security. I find security vulnerabilities through writing code, building repeatable test cases, and debugging. I've identified hundreds of critical vulnerabilities in popular Web software, including browsers, applications, and network and Internet infrastructure. I simulate breaches and exercise blue team capabilities. I work with compliance and policy on the full lifecycle and stack of security.
I love photography, and have some public photos of my family, as well as some landscapes, and nightscapes that I hope you enjoy!
Developing tools to automate testing or other tasks makes work a little more fun and productive. I've created a few like Watcher, to perform Web application security testing and privacy analysis, and occasionally like to test Web browsers and other stuff.
I've volunteered as co-chair of the IETF IRI working group, and performed other work for OWASP, NBISE, and SANS.
I've spoken with the press in print and on TV, and have been a speaker at various industry conferences including Black Hat, CanSecWest, the Unicode Conference, and Microsoft BlueHat, and private events including Adobe and Google.
When time permits I research and write stuff and have co-authored some books including Privacy Defended, and Windows XP Professional Security, and was the technical editor of Hunting Security Bugs.
I have a blog where I dump technical rants like test cases, results, or other information.
Occasionally I'm honored to speak with the press about a current attack or security trend. A few recent articles and interviews:
2018 April - Tech Night Owl Radio
2018 April - Wired
"HACKERS DIDN'T HAVE TO BE EXPERTS TO MAKE 'DESPACITO' DISAPPEAR"
2017 October - Forensic Magazine
"Virtual Case Notes: No Internet Required for ‘aIR-Jumper’ to Manipulate Hacked Security Cameras"
2017 May - CSO Magazine
2017 April - Yahoo Finance
"As tensions rise with Russia, U.S. colleges still pay for Snowden speeches"
2017 February - Mass Transit Magazine
2015 December - KIRO Radio
"Chris Weber on the debate over encrypted apps following the Paris attacks"
2015 July - Q13 FOX
"Can computer glitches like the one that took down NYSE be prevented?"
2015 June - Breitbart
"Security experts: Israeli spy virus targeted hotels used for Iran nuke talks"
2013 August - Bloomberg TV [VIDEO]
2013 August - CNBC [VIDEO]
2013 July - FOX [VIDEO]
2013 May - TechNewsDaily [ARTICLE]
2011 June - FOX [VIDEO]