Slashdot Mirror


Salesforce Fires Red Team Staffers Who Gave Defcon Talk (zdnet.com)

Josh Schwartz, Salesforce's director of offensive security, and John Cramb, a senior offensive security engineer, have been fired by the company after they gave a talk at the Defcon security conference in Las Vegas last month, reports ZDNet. Schwartz and Cramb were presenting the details of their tool, called Meatpistol, a "modular malware implant framework (PDF)" similar in intent to the Metasploit toolkit used by many penetration testers. The tool, "pitched as taking 'the boring work' out of pen-testing to make red teams, including at Salesforce, more efficient and effective", was anticipated to be released as open source at the time of the presentation, but Salesforce has held back the code. From the report: [...] The two were fired "as soon as they got off stage" by a senior Salesforce executive, according to one of several people who witnessed the firing and offered their accounts. The unnamed Salesforce executive is said to have sent a text message to the duo half an hour before they were expected on stage to not give the talk, but the message wasn't seen until after the talk had ended. The talk had been months in the making. Salesforce executives were first made aware of the project in a February meeting, and they had signed off on the project, according to one person with knowledge of the meeting. The tool was expected to be released later as an open-source project, allowing other red teams to use the project in their own companies. But in another text message seen by Schwartz and Cramb an hour before their talk, the same Salesforce executive told the speakers that they should not announce the public release of the code, despite a publicized and widely anticipated release. Later, on stage, Schwartz told attendees that he would fight to get the tool published.

4 of 154 comments

  1. Re:Run up the mini bar bill and bill some table ti by bws111 · Score: 3, Informative

    So are you suggesting they waste their own money (now that they are jobless), or that they commit fraud and wind up arrested in addition to being jobless?

  2. Who is the exec? by AnthonywC · Score: 4, Informative

    Let's go for some Streisand effect and expose him.

  3. Re:Text Message??!?! by Anonymous Coward · Score: 2, Informative

    There were 2 text messages sent to the presenting duo. Both by the same exec.

    The first was sent an hour before the talk telling them not to announce the release of the tool (emphasis on ANOTHER and AN HOUR):

    "But in ###another text message### seen by Schwartz and Cramb ###an hour before their talk###, the same Salesforce executive told the speakers that they should not announce the public release of the code, despite a publicized and widely anticipated release."

    And then a second text message was sent to them telling them not to present (emphasis on half an hour):

    "The unnamed Salesforce executive is said to have sent a text message to the duo ###half an hour before they were expected on stage### to not give the talk, but the message wasn't seen until after the talk had ended."

    Reading comprehension is such a difficult skill to master, isn't it? No wonder the US is going to shit.

  4. Re:Run up the mini bar bill and bill some table ti by 93+Escort+Wagon · Score: 4, Informative

    But he still was in Texas, which is far preferable to the overpriced shithole that is Silicon Valley.

    It seems you've never been to Texas.

    --
    #DeleteChrome