By Kelly Jackson Higgins
 If the information security industry has a rock star, it’s HD Moore. The 27-year-old is a much-respected, though sometimes controversial, “white hat” hacker. He’s the expert people look to when a major vulnerability is discovered or a new attack is unleashed. And once Moore releases code that exploits a threat, the race is on: The good guys scramble to patch it and the bad guys to exploit it.
Moore is the director of security research at BreakingPoint Systems, a network device testing platform provider. He’s also the creator of the popular open source hacking tool called Metasploit, which IT groups use to test software and networks for weaknesses. The fact that Metasploit’s also a favorite of the black hat hacker set doesn’t worry Moore, who sometimes finds himself delicately bridging the two worlds.
“I tell people not to tell me things if they want to keep it secret,” he says. Moore is happy to help figure out a security bug, but “I’m not going to keep your bug a secret,” he says.
Moore is careful not to release a Metasploit exploit tool for a zero-day, or unknown, vulnerability until after the bug goes public or is already being exploited on victims’ systems. He’s even won over Microsoft, which hasn’t always been a fan thanks to Moore’s penchant for finding security holes in its software. Microsoft openly runs Metasploit in-house to test for security flaws in its software, Moore says.
Moore is credited with forcing Microsoft and other browser vendors to address security problems with his July 2006 Month of Browser Bugs project, publishing a new browser bug for 30 straight days. As BreakingPoint CTO Dennis Cox once said: “HD makes security hot. Everyone wants to take him to the prom.”
l Paul Maritz l George Socha l Manjit Singh l Jeff Teper l Sam Ruby l Barack Obama l Nir Zuk l Kirill Sheynkman l Marc Benioff l Avi Kivity l
|