Examples of Work
Relevant and current expertise: Application components and frameworks are rapidly evolving. Web 2.0, Agile, SOA, SaaS and Cloud are all recent, allow for new solutions and create security challenges.
Focus on process improvement: While I have done hundreds of penetration tests in the past, test results are only a snapshot in time. The real value I provide is not showing how things can be broken but knowing the methodologies needed to build it right. Improving quality, predictability and stability in your processes results in more secure applications.
Team Approach: No one team should carry the entire burden. My engagements are holistic, positive and designed to minimize the impact on any single group in your organization.
The links below cover the general topic areas (AppSec, Audit, Benchmarking, FIPS, PKI, SDL training and Web Services) that I have provided expertise in the past. If you have questions on how or if I can help, please call the initial consultation is always free.