This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Jump to: navigation, search

My day job is at Shape Security - an exciting startup in the heart of silicon valley. Here we're evaluating how applications are compromised and building new approaches to fundamentally change the model of defending applications. This is an exciting role where I focus on the secure design of our product and also evaluating the threat space to educate and understand risks facing large applications.

I previously worked at Mozilla, a company of 900+ people with a massive footprint with over 450 million users. Here I was responsible for the Mozilla security program. This included security of Firefox, all web applications, servers and infrastructure. As part of this role we led threat modeling, secure design, training, testing and continual security maintenance. Security can be tough, and perhaps one of the most interesting challenges is designing security solutions that scale and are usable to such a massive number of people.

Security is what I do. Like many of us in the security industry, this is more than just a means of employment, it's a hobby and a passion. Throughout my professional career I've had the opportunity to assess and secure a wide variety of systems.