Hi, I’m Shea Polansky

I’m a hacker, security analyst, sysadmin, and engineer.

About

I’m a hacker, security analyst, and sysadmin. Most importantly, I am an engineer — that means that I see problems and find solutions. My specialties are in network and systems security, administration, and engineering. I also do application security assessments and general security engineering, as well as software development, usually to create tools that support or enable my other skills. My hobbies are playing video and tabletop games, reading sci-fi and fantasy books, and dabbling in electrical engineering.

I do application, network, and systems security assessments and engineering for Independent Security Evaluators, a security consultancy. As part of my work, I publish blog posts whenever I have interesting findings or useful advice to share. You can find them on my blog. The posts that are directly relevant to my work are also published on ISE’s blog.

This is my personal site, where you can find some information about me, a list of my projects, and my contact info.


Talks

I’ve given a number of talks at various security and tech conferences. Here are some examples (newest first):

I am also a regular participant of my employer’s internal lightning talks program. While many of those talks aren’t publishable due to NDAs, here are a few that are:


Projects


Latest Post

May 5, 2020

Hardening and Configuring OpenVPN in 2020

This post originally appeared on the ISE Blog. Since everyone is working from home for the foreseeable future, corporate IT departments are scrambling to bolster existing VPN solutions or deploy new ones as fast as possible. One of the most popular VPN solutions is OpenVPN, either used directly, or through appliances like the commercial OpenVPN Access Server or third-party VPN gateway products. Some third-party products are not quite upfront about being OpenVPN wrappers, so if you use an SSL VPN Gateway appliance, make sure to double-check the documentation to see if this guide applies to you. Read more

Résumé

My full résumé is available by request. Highlights:

Skills

  • Skilled at security analysis of all kinds, with particular expertise in networks, applications, systems, and embedded hardware
  • Served as a network, application, and embedded security engineer for various clients in a consulting role
  • Deep knowledge of Windows and Linux internals as well as networking minutiae including TCP/IP stack
  • Strong technical communication skills including report writing and public speaking
  • Semi-professional electrical engineering skills including circuit design, board layout, and design for manufacturing
  • Capable of building, administering, and troubleshooting computer networks on a variety of hardware and operating systems

Education

  • Achieved the Offensive Security Certified Expert (OSCE) certification in 2020 after achieving the OSCP certification in 2019
  • Graduated summa cum laude from the University of New Mexico with a BS in Computer Science in 2018
  • Studied abroad for a year at Waseda University, one of Japan’s top 3 universities
  • Graduated with a double minor in mathematics and interdisciplinary liberal arts

Achievements

  • Regular speaker at security and technology conferences as well as for my employer’s internal lightning talks program
  • Winner of SANS Core NetWars at RSA Conference, and two-time participant at the NetWars Tournament of Champions
  • Completed the Microcorruption embedded security CTF; globally ranked at number 405 of over 62,000 players.

Contact

Feel free to contact me with any questions about any of my projects. You can find the source code, and in some cases binaries, on my GitHub page.

I am available for ongoing and project-based consulting work; I am not currently looking for a new job, but if you think you have a particularly good offer or fit for me, please send me the details.

For sensitive communications, I have published keys on this site using the Web Key Directory standard, and on the MIT PGP Key Server. This means that for most implementations of PGP my key will be automatically discovered and used, but you can also find a local mirror of my public key here if you wish to download it manually. You can also import the key using my Keybase profile, or use Keybase Chat.

My current local time is .

shea@polansky.co