Cory Scott


Information security researcher with management, consulting, and organizational skills. I can pen-test without a 5-figure piece of software, manage a project without a gantt chart, debug a protocol without documentation, talk to business leaders without sounding like a metrics or risk wonk, direct a team without doing trust falls or TPS reports, and sell services without selling my soul.

I'm happy when I can build my own tools or process, find the source of the problem, and give a detailed fix or guidance to the right person. I'm even happier when I can teach or enable someone else to do the same.

I believe that applying a combination of experience, trusted collaboration with peers, adding clarity by removing FUD, always being curious, and using a little bit of intuition is the best way to practice information security.