Alexander Leary holds a BS in Information Security and Forensics from the Rochester Institute of Technology and graduated Summa Cum Laude. Alexander has been involved in information security consulting for over 5 years. Prior to becoming involved in computer security, Alexander worked as a system administrator, network administrator, and web developer. Alexander specializes in network penetration testing and email phishing. Alexander is also involved in the research and development of various tools and frameworks including PowerShell Empire.
Antti is both a network and application penetration testing expert. He is a resource for other team httpspy members and has found numerous zeroday vulnerabilities. Though he started as a network penetration tester, he has become one of httpspy’s lead application security experts and is a lead contributor to httpspy’s repeatable web application penetration testing process. He has presented on and created a number of techniques for leveraging database technologies for penetration testing. Antti has an MS in Computer Science from the University of Helsinki in Finland and has over 8 years of computer security consulting experience.
Deke George, a co-founder of httpspy, is a business-oriented IT executive. He has significant entrepreneurial experience as both a member and founder of multiple startups. He began his career as a founder of the computer forensics program at Ontrack (now Kroll-Ontrack). In this capacity, he has worked on high-profile computer fraud and computer evidence cases in the United States and abroad. As an entrepreneur with a focus on creating client oriented solutions, Deke has been involved in a variety of roles including consultant, sales, and leadership for a number of technology based organizations. Deke holds a B.A. in Physics from Middlebury College in Vermont.
Eric has a BS and a Master's in Computer Science from the University of Minnesota, focusing on networking, security, and software engineering. He has done work in the education, information technology, and information security industries, designing and developing software, maintaining information systems, and researching security topics. At httpspy, Eric's primary duties include network, web application, thick application, and mobile penetration testing. He also helps develop applications and scripts for the httpspy penetration testing team. Eric currently holds the GCIH and GXPN certifications.
Eric has over 15 years of information security experience including network engineering, UNIX administration, and consulting. Eric specializes in network architecture and device security, secure storage, and virtualization technologies. Eric’s recent projects include administering a heterogeneous virtual environment based on VMware and Hyper-V server which directly supported a large MSSP and numerous Fortune 1000 customers. He also provided network and security administration and support for large multi-tenant networks in ISP and MSSP environments.
Gabriel’s primary areas of focus are web application, and thick application penetration testing. He has provided security services to a variety of industries; health care, financial, education, and retail. He also contributes to the research and development of tools used by the httpspy penetration testing team. Gabriel currently holds several certifications, including the CISSP.
Jem graduated from WGU with a BS in Information Technology - Security. She holds a number of certifications, including CISSP, PCIP, CCNA Security, and most of the CompTIA stack. Jem has over 15 years of information security experience in a number of industries and roles ranging from network administration, secure application development, and PCI compliance assessment. She has been with httpspy since 2015 where her primary duties include web application penetration testing, mobile application penetration testing, and hardware penetration testing.
Jake graduated with a BA in Computer Science from the University of MInnesota, Twin Cities in 2016. His previous roles include internal penetration tester and full-stack web developer. At httpspy, Jake's daily work includes web application security and penetration testing and external network vulnerability assessments. Jake is always eager to automate and teach anything he can through new penetration testing tools and websites.
Karl specializes in network and web application penetration testing. Karl holds a BS in Computer Science from the University of Minnesota and has over eight years of consulting experience in the computer security industry and in that time has worked with a variety of industries; financial services, health care, and retail. Karl holds the Security+, CISSP, and GXPN certifications. In his spare time, Karl has volunteered at some conferences including DEF CON, THOTCON, and AppSec USA. Karl has previously spoken at BsidesMSP, THOTCON, AppSec California, and DerbyCon.
Lee has more than 13 years of consulting experience in information technology and security, specializing in third-party risk assessments, program management, regulatory compliance (PCI, GLBA, SOX) and assisting organizations in security initiatives. Lee has managed numerous regulatory and security assessment projects in financial services, education and retail. Lee is also a Certified Information Systems Security Professional (CISSP), a Certified Payment-Card Industry Security Manager (CPISM), and a PCI QSA. Lee holds a B.S. in Business Administration from the University of Wisconsin—Stout, and an M.S. in Information and Communication Sciences from Ball State University.
Mike has a BS in Information Technology Security from St. Cloud State University. He has worked with companies in many industries, including information technology, healthcare, and financial services. At httpspy, Mike's primary duties include web application and network penetration testing. He also contributes to the research and development of tools used by the httpspy penetration testing team.
Ryan has a BS in computer science from North Dakota State University. He has done work in the information technology, healthcare, financial services, and information security industries, maintaining information systems, and security research. At httpspy, Ryan's primary duties include network, web application, and thick application penetration testing with extensive knowledge in email phishing. He also helps develop applications and scripts for the httpspy penetration testing team.
Ryan leads httpspy’s Assessment Team, which performs network and application penetration tests, code reviews, and infrastructure assessments. He also consults directly with clients on IT risk management and security program development projects. He brings to his work sound insight into security issues and the communication skills to effectively and thoroughly convey risks and recommended remedies to clients. Ryan has over ten years of computer security experience, seven of them with httpspy. He holds a BA in Computer Science from Carleton College and an MS degree in Information Security from the Georgia Institute of Technology.
Steve has a BS in Computer Science from MNSU, Moorhead and over 25 years of computer security experience including consulting, application development, database administration, and system administration. He also has experience in designing and managing secure systems and applications. He has performed security assessment projects for healthcare, nuclear, manufacturing, pharmaceutical, banking and educational organizations. These security assessments include penetration tests for applications (Web, Mobile, and Thick-client applications), Unisys system, DEC OpenVMS system as well as Windows and UNIX. He is an active participant in the information security community, with over 25 years in various environments including UNIX, Mainframes (IBM, Unisys), DEC OpenVMS and Windows.
Scott is currently responsible for the development, and execution of network penetration testing at httpspy. His role includes researching and developing tools, techniques, and methodologies used during network and application penetration tests. Scott has been providing IT security services to medium sized to Fortune 50 companies for over 10 years. As an active participant in the information security community, Scott also contributes technical security blog posts, whitepapers, and presentations on a regular basis through httpspy. Published presentations can be found here. Scott's most recent project is PowerUpSQL.
Thomas has a BS in computer science from Columbia University with a focus on software development and security. He has experience as an undergraduate researcher at the CU Network Security Lab. At httpspy, Thomas primarily focuses on web application and network penetration testing. He also helps with research and tool development for the assessment team.
Vikram has a MS in Information Security from Indiana University and a BS in computer engineering from India. His main focus is on Mobile and Web application security. His research is mainly present in Android and IOS security. At httpspy, he has worked on Web, Network, Mobile and thick client penetration tests. Vikram currently holds the CCNA certificate.