prac·ti·cal: of or concerned with the actual doing or use of something rather than with theory and ideas.
There are plenty of resources for theory and ideas regarding the many fields of study within the Information Security industry. The missing piece to many of these great resources and the brilliant discoveries we read about on a daily basis is the practical application to our daily jobs. I've spent my career focusing on stripping away the "magic" from these complex theories and ideas and finding ways to make them applicable to what many of us do every day. So out of that approach was born the idea of forming a company whose goal is the same. To provide consulting, development, and training services where the practical application of technologies, theories, and ideas result in a high-quality, actionable deliverable and an enhanced skill set for my clients.
With over a decade of experience in the Information Security field, I've had the pleasure of serving in many roles including Senior Red Team Leader (Department of the Army), Senior Security Consultant (Accuvant, Black Hills Information Security), Managing Consultant (Black Hills Information Security, nVisium), Vice President of Professional Services (nVisium), and Director of Training (nVisium). Each of these roles has afforded me the opportunity to gain a different perspective of the industry and hone my craft at many levels. While experienced in variety of fields, I believe that specialization is important to providing a high quality product, and am committed to the field of application security. As a consultant, I offer assistance in conducting application penetration tests, vulnerability assessments, and code reviews. Please contact me me for consulting inquiries.
Writing code has been a personal hobby and passion since childhood. Throughout my life and career, the ability to read and write code has been a stepping stone to becoming a more efficient and effective community contributor and security consultant. As a professional, I continue in my lifelong love of code by conducting research in modern development frameworks, managing and maintaining several open source software projects, and building the proprietary software on which this company runs. Experience as a security consultant and software developer uniquely qualifies me to contribute to development projects where elements of both are desired. Please contact me me for development support.
See the training page.