For the better part of the last decade I have been involved in software security. I graduated from Abertay University with a BSc (Hons) in Ethical Hacking and Countermeasures. In parallel with my studies, I started out my professional career as a web developer with some joint security responsibilities at an amazing Scottish web design studio, MTC Media. Upon my graduation, I moved to London to become a full time security consultant at Cigital, now acquired by Synopsys Software Integrity Group.
My primary domain is reverse engineering and understanding low-level things. This includes IoT and embedded devices, as well as low-level Android code. I am especially interested in issues affecting solutions based on Trusted Execution Environments.
As a consultant, I frequently get involved in penetration testing of all possible flavours, architecture risk assessments and teaching security courses. I am a holder of the CREST Registered Penetration Tester (CRT PEN) certification.
You can get in touch via LinkedIn.
I do have an account on GitHub, but due to corporate IP clauses most of the code I write never ends up being publicly available. The coolest thing that did go public is probably SafetyNet.
Some years ago I spoke at B-Sides London. Sadly, I haven’t had the opportunity to do so again after entering the industry: