GRC has no "security researchers". It's practically a one-man operation, and Gibson is just a loud-mouthed twit with no security experience. He's been widely denounced by actual security experts. Just see the controversy around his Windows XP SOCK_RAW and WMF bug/Windows backdoor claims. And his most popular work, the "SpinRite" app, is just a load of snake-oil he's managed to con a decent number of people into paying for...
The old grcsucks.com is gone, but there are still several sites dedicated to exposing his fraud, mistakes and lies over the years:
The old grcsucks.com is gone, but there are still several sites dedicated to exposing his fraud, mistakes and lies over the years:
http://attrition.org/errata/charlatan/steve_gibson/
http://radsoft.net/news/roundups/grc/