Gunter Ollmann - About -


RSS Feed RSS Feed

Security News
These are the sites I tend to read whenever I get the chance:
The Register
Packet Storm
Dark Reading
SC Magazine

Security Pals
Here are a few security sites I visit from time to time that are operated by friends and/or former colleagues:

Other Sites
Some of the other sites I regularly visit:
BBC News


This site,, was originally created back in 2001 to act as the home of whitepapers and articles written by Gunter Ollmann.  Right from the beginning, Gunter strove to dissect the techno-babble of Internet security and to carefully explain what it was actually all about in as simple manner as possible - while still keeping the content educational.

The purpose of this site is provide a refuge to no-nonsense technical papers - with an emphasis on providing practical security knowledge without all the marketing and vendor hype.  Where possible the papers presented on this site have been designed for the people responsible for managing and maintaining a secure corporate infrastructure and applications.

About Gunter
Gunter has been focused exclusively on security since 2000; initially diving head-first in to the world of attack-based consulting (penetration testing, ethical hacking, social engineering, etc.). He has helped build and manage some of the best and most respected penetration testing teams in the world, and has spent way too much time sitting on paneled floors huddled around laptops in god-forsaken temperature controlled hosting facilities while hacking yet another soon-to-be-released Web application.

In addition to all this penetration testing and Web security analysis, for several years Gunter has been deeply involved in researching critical security topics and has lead advanced security research teams focused on threat identification and mitigation. Gunter is currently  focused on botnet and crimeware research, and leads Damballa's threat research teams.

Gunter led the security research and development of Internet Security Systems famous X-Force and, following IBM's acquisition of the company, helped direct the horizon-three (3+ year) security strategy for IBM.

Prior to all this security lark, Gunter began his working life as a computer consultant - designing, building, running and managing networks - whilst paying his way through a couple of university degrees (culminating in a Masters in Atmospheric Physics, after designing and building a new class of high resolution meteorological radar).

On the computing side, Gunter has worked at the following places:

2014 - 20xx -- NCC Group -- CTO

2012 - 2014 -- IOActive -- CTO
2009 - 2012 -- Damballa -- CTO, VP of Research
2008 - 2009 -- IBM -- Chief Security Strategist
2007 - 2008 -- IBM Internet Security Systems -- Director of Security Strategy
2005 - 2006 -- Internet Security Systems -- Director of X-Force
2004 - 2005 -- Next Generation Security Software (NGS) -- Professional Services Director
2000 - 2003 -- Internet Security Systems -- Head of X-Force Security Assessment
                                                               Services EMEA
1996 - 2000 -- Moss Bros Group plc. -- Network and e-Business Manager
1990 - 1995 -- University of Auckland -- Various Roles
1986 - 1995 -- The Electric Furnace Company Limited - Computer Consultant + Various

    Copyright 2001-2007 © Gunter Ollmann