Bio

I've worked exclusively in software security roles since 2003. I specialize in software engineering, vulnerability discovery, exploitation, and exploit mitigation development. I sat on the Black Hat Review Board for nearly a decade. I have experience in roles including software engineer, researcher, consultant, and founder. I’m deeply interested in the intersection of cyber policy and US national security. In the last 20 years I have built and sold a company, shipped code to billions of devices and users, and given guest lectures at universities and federal agencies.