I am an Information Security Consultant with a focus on web application security. Since 2001, my engagements have involved everything from performing penetration testing and PCI DSS assessments all the way to creating and implementing a secure application development program for major corporations. I have developed and delivered training courses on finding web application vulnerabilities and building secure web applications. These courses are also delivered online, using software that I designed and coded.
I currently manage professional services and training for the company that I work for. I am a Certified Information Systems Auditor (CISA), Payment Card Industry-Qualified Security Assessor (PCI-QSA) and an IBM Certified Specialist (Rational AppScan).
Before getting into information security, I developed client/server and web applications for about 5 years.


