May 11, 2023 By Mark Stone 3 min read

In the high-stakes world of cybersecurity, offensive security experts play a pivotal role in identifying and mitigating potential threats. These professionals, sometimes referred to as “ethical hackers”, use their skills to probe networks and systems in search of vulnerabilities, ultimately helping organizations fortify their digital defenses.

In this exclusive Q&A, we spoke with a seasoned offensive security professional. Benjamin Netter is a cybersecurity expert and the founder and CEO of Riot, a cybersecurity platform created for employee protection. His goal is to protect over one million employees from cyberattacks.

Benjamin shares valuable insights on his career path and the skills required to thrive in the field.

First, what does offensive security mean to you?

To me, offensive security is putting yourself into the shoes of a hacker, taking an outside look at your company and thinking about ways you would hack your company. That’s how I ended up working on Riot and preparing employees for cyberattacks. Most of the time, they are the undervalued vulnerability in companies.

Please tell us where you went to school and what you went to school for.

I went to EPITECH, a software engineering school in Paris. It’s a school that teaches really hardcore programmer skills. EPITECH teaches based on practical cases rather than theoretical cases. There’s no teacher; you have a project to complete before a deadline, and you are completely free to manage your time the way you want until that deadline. For the first three years, I was coding probably twelve hours a day in low-level languages.

I also spent my fourth year at Concordia University in Montreal, mostly focusing on AI — before it was cool — back in 2010.

Did you obtain any specific certifications?

I received my master’s degree from EPITECH but no cybersecurity certifications.

What was your first role in IT?

I was a PHP developer for a startup in Paris, creating a Wikipedia for fashion.

What pushed you to pursue security instead?

I later founded a fintech company called October, which grew pretty rapidly to 110 employees. We were developing a platform lending over €100 million every year to European companies, and part of my role as CTO was to make sure we were safe from hackers. I was investing a ton in protecting the platform (on bug bounties, pen testing and so on). Then, one day, an employee received a phishing email and ended up clicking and entering his password. That’s how we got hacked, and that’s how I realized we didn’t invest enough in protecting the employees.

I decided to work on a side project to better prepare my team for cyberattacks. And that’s how Riot was born. It started as a platform to launch phishing attacks on my employees at October, and the tool was working so well that other CTOs reached out to use it on their team as well. It was at this point that I decided it wasn’t just a side project but instead a real company.

What is the most valuable skill you learned in your role?

Probably to start small. Every big project can start as a side project, something that you can ship in less than two weeks of work. It’s an essential mindset to ship big projects. Otherwise, the amount of work to get to the goal can easily discourage anyone.

What soft skills do you think make a person successful in cybersecurity?

Creativity. Part of our job as cybersecurity experts is to think about how hackers will hack our companies. Hackers are very creative and are always thinking of new ways to attack you or your company. That’s why, if you want to be well prepared, you have to be creative too and think of all the different ways they can potentially hack you.
