This year has been full of surprises.  Life has taught me that you never really exist in a state of calm or unrest, but some stratified grey area in between.  When life gets rough I think back to the “in between” that is water.

I’ve received a few questions about the 2011 sexy infosec geeks list, and last year was such a hit as was the year before that I thought we should do it again.  It is hard to keep a list to just 10 people when you really have a list about 50 long.

A friend asked me how I compiled the list.  I told her it was based on the people I know and those referred to me.  I’m easily influenced by recommendations of others, as are so many people in this world.  I solicited input, averaged out the outliers, and once again used biased weighting to determine the final set.  Again, these are only my opinions.  I encourage you to make your own list as well. As always, feel free to disagree or add your own using the comments.

Without further commentary and tangent, I give you the Third Annual Top 10 Secy InfoSec Geeks for 2011.

10. Halvar Flake (@halvarflake)

Halvar has many skills. He was denied access to the US in 2007 and prevented from teaching a class at BlackHat – probably because the information was much needed. He specializes in math, reverse engineering, and making friends with people who recommend him for lists list this.

09.  Felix ‘FX’ Lindner (@41414141)

FX is a well known member of the German security team Phenoelit and Head of Recurity Labs.  He is a mainstay in the security world, who along with the rest of the Pheloelit team has brought many others into security.  He participated in C3, speaks on security, and is overall a nice guy.

08. Jayson E. Street (@jaysonstreet)

Jayson Street, much like Zaphod Beeblebrox, is “just this guy, ya know”.  Jayson presents at conferences around the world and people attend his talks because of how entertaining he is, regardless of the topic.  He frequently speaks on the topic of social engineering, is never without his vest of pockets, and amazingly somehow able to find a Pizza Hut and Pepsi in every country he visits. He has received several accolades over the ages.

07. Andrew Jaquith (@arj)

Aside from being an all around likable guy Andrew has severed in various CTO positions, co-founder of @Stake, and industry analyst positions. Andrew authored the book Security Metrics, started MetriCon, manages Mini-Metricon, and is a full-time pundit.  If someone mentions the words metrics they will probably quote something that Andrew has said.

06. Joanna Rutkowska

Joanna made a splash in 2006 with her Black Hat presentation on an attack against Vista kernel protection mechanism and a technique dubbed Blue Pill, that used hardware virtualization to move a running OS into a virtual machine. In 2010 she co-created the Qubes security-centric operating system based on Disposable Virtual Machine.  In this era of virtual machines, we need more people to promote the need for security in virtual systems.

05. Alex Hutton (@alexhutton)

Alex Hutton has been involved in so many risky things, he is most certainly an infosec bad-boy. He graduated from the Jack Jones school of Factor Analysis and Information Risk (FAIR), former Research & Intelligence with the Verizon Business RISK Team, author on the Verizon Data Breach Investigation (DBIR) and PCI Compliance report (PCIR), and organized (Security Metrics) Metricon 2011. Now that is one risky dude!

04. Michelle Klinger (@diami03)

Michelle may like infosec as much as she likes cats – and that’s saying something.  She co-organized BSidesDFW two years in a row.  She is an excellent cat herder who never likes the lime-lite but always does what it takes to get things done.  She has sarcasm and charm to spare.  In 2011 she was nominated for an RSA Blogger award due to her post, Security B-Sides Turned Me into an Adult.

03. Kyle Creyts (@hushedfeet)

In a DO-ocracy Kyle would be King (or close to it).  Kyle is founder of BSidesDetroit, an event he started to bring together people in the greater Detroit to Ann Arbor area.  At a youthful age he stood up a conference in one of the most diaspora cities and created a conflagration of like minded people.

02. Marcia Hofmann (@marciahofmann)


Marcia is a Senior staff attorney at the Electronic Frontier Foundation (EFF) focusing on helping ensure that modern technology is used for liberation rather than control. She liaisons with hackers at security conferences and help guide them on how to proceed with sometimes sensitive topics. She has the legal perspective that every aspiring hacker needs.

01. Joseph Sokoly (@jsokoly)

Joseph has been my ‘poster guy’ for Security B-Sides.  In 12 months he took a presentation on how hard it is to break into the industry (BSidesAustin) to a followup on all the support he received (BSidesBoston) back to his home town and co-founded BSidesDFW.  I’ve always enjoyed out long one-on-one conversations about life, people, and leadership.