Ken Munro
Partner and Founder, Pen Test Partners
Ken is a security entrepreneur and industry maverick that has worked in infosec for over 15 years. After studying Applied Physics he tried his hand in the hospitality industry but soon discovered a talent for hacking, persuading a till to print out mortgage amortisations. He went on to cut his teeth in the anti-virus industry before founding SecureTest, a penetration testing business that quickly established a reputation for delivering high spec services using a boutique business model. NCC Group recognised the value of the proposition and acquired SecureTest in 2007. But Ken had found his calling and his penchant for pen testing saw him set up Pen Test Partners in 2010 which now boasts some of the best ethical hackers in the business, each of whom has a stake in the firm.
Ken’s zeal for pen testing is matched only by his disdain for those vendors who resort to scaremongering to peddle point solutions. He is a fierce advocate of responsible disclosure and regularly researches and reveals security vulnerabilities in an effort to promote better security design and practice. He takes a key role in conducting investigations as well as encouraging team members to pursue their own research and the results are published on the company blog on a weekly basis as well as being publicised by the wider media.
Ken is a respected speaker and pulls no punches during his annual Tech Talk presentations at Infosecurity Europe, where he can also be found performing practical hack attacks on the company stand. He is a regular speaker at events held by industry bodies and associations and has spoken at the ISSA Dragon’s Den, (ISC)2 Chapter events and CREST (Council of Registered Ethical Security Testers) events, where he sits on the board, helping to establish standards in both member organisations and among individual penetration testers. He’s also an Executive Member of the “Internet of Things Security Forum”, a body that aims to promote best security practice and the application of controls in smart device manufacturing, and spoke out on IoT security design flaws at the forum’s inaugural event. He’s also not averse to getting deeply techie, regularly participating in hacking challenges and demos at 44CON, DefCon and Bsides.
Ken has a wealth of experience in penetration testing but it’s the systems and objects we come into contact with on an everyday basis that really pique his interest. This has seen him hack everything from hotel keycards, to keyless cars and a range of Internet of Things (IoT) devices, from wearable tech to children’s toys and smart home control systems. This has gained him some notoriety among the national press, leading to regular appearances on BBC TV and BBC News online as well as the broadsheet press, and he’s also a regular contributor to industry magazines, penning articles for the legal, security, insurance, oil and gas, and manufacturing press.