Larry Pesce

Larry is the Product Security Research and Analysis Director at Finite State, focused on XoT security issues, after spending more than 25 years doing security and disaster recovery in healthcare, performing penetration testing, wireless assessments, and hardware hacking. He also diverts a significant portion of his attention co-hosting the international award winning security podcast, Paul's Security Weekly, and likes to tinker with all things electronic and wireless, much to the disappointment of his family, friends, warranties, and his second Leatherman Multi-tool. Larry is also co-author of Linksys WRT54G Ultimate Hacking, Using Wireshark and Ethereal, and How to Cheat at Configuring Open Source Security Tools. Larry is an Extra Class Amateur Radio operator (KB1TNF) and enjoys developing hardware and real-world challenges for the Mid-Atlantic Collegiate Cyber Defense Challenge.

More About Larry


A self-professed lifelong "tinkerer and explorer", Larry always wanted to know how things work. "I found myself getting to engage in deep dives of technology from an early age: My dad built the family television from a kit, and I helped. It caught fire. Twice. I helped fix it both times."

This curiosity for electronics led Larry to study computer information systems, where he ultimately began working in network engineering, but a security issue sent him down the path of constant puzzle solving found in information security. The help and advice received from the info sec community throughout his career inspired him to share what he had learned to help others secure their networks and improve their craft.

Larry is of the opinion that you should never stop learning about anything in life. Devoting many years of study to wireless systems and implementations, and testing them for security, he learned much by trial and error. "Passing that hard earned knowledge on to the 'next generation' is life fulfilling.", which he partially satisfies teaching for SANS Institute.

A SANS Instructor since 2007, Larry is now, appropriately, co-author of SEC617: Wireless Penetration Testing and Ethical Hacking. An advanced course, SEC617 focuses on wireless technologies from WiFi and Bluetooth to unknown radio signals with an SDR. Larry notes that a willingness for outside-the-box thinking helps to fully benefit from the content. "We often get you through the door by compromising wireless networks. Where you take it from there is often learned with years of experience in other domains: web application testing, mobile device application testing, networking, and general pen testing and red team techniques." Larry has since introduced the new course SEC556: IoT Penetration Testing where the focus is building the skills needed to identify, assess, and exploit security mechanisms in IoT devices.

In his spare time, Larry enjoys being a ham radio operator, spending time with his family, and getting outdoors. He loves working with his hands, whether in his vegetable garden, building electronics, or wood working and blacksmithing in the pursuit of knife making. On these various hobbies, he prompts,  "You never know which one of the multiple talents will be important at any given moment during the zombie apocalypse, so it is best to practice several!"



Software Defined Radio for Penetration Testing and Analysis, June 2018

KringleCon - Software Defined Radio: The New Awesome, December 2018


Larry is a host of the Security Weekly podcast.