This article can also be found in the Premium Editorial Download "Information Security magazine: Reflections on the impact of Sarbanes-Oxley."
Download it now to read this article plus other related content.
by Dennis Fisher
Seems like everyone who was anyone worked at one time for @stake.
In 2000, 2001 and 2002, when money was flowing and the company could barely hire consultants to keep up with the demand for its services, @stake was on top of the security world. The deep talent pool attracted other smart people and @stake cultivated a casual, hip image and allowed employees to work on interesting, challenging projects.
"It really became a cool place to work. It just sort of happened at some point," says Grand, a member of the L0pht hacking collective that formed the foundation of @stake in 2000. "The people there were really open to a lot of different things. It was the place to be. There wasn't a lot of structure."
| Wysopal--all of whom had a lot of credibility in the hacker underground--served as a positive and a negative in the early days. Having them in the office was a definite re-cruiting tool, but it also caused some uneasiness among customers and potential clients.
At the time of @stake's founding, the members of the L0pht were seen variously as tremendously talented researchers who used whatever methods served their needs, or borderline criminals who flouted the law in the name of fame and fortune. Many critics publicly questioned the wisdom of hiring this group of mavericks to secure corporate networks. The L0pht made no bones about its connections to the hacker underground and was unafraid to force a vendor's hand by publicizing a vulnerability or attack method if the vendor didn't move quickly.
This was first published in January 2008