User:Dominic Chell - Revision history

Dominic Chell at 14:40, 21 January 2015

2015-01-21T14:40:20Z

Dominic Chell at 14:37, 21 January 2015

2015-01-21T14:37:52Z

KateHartmann: Creating user page with biography of new user.

2012-07-18T15:47:15Z

Creating user page with biography of new user.

New page

I have over 10 years industry experience, the majority of which has been working in security. I have also continuously maintained CHECK Team Leader status since 2007.

I have significant experience in delivering consultancy to organisations in the financial, government and commercial sectors. In addition to consultancy, I have provided training courses to a variety of audiences, including at the BlackHat security conference in Las Vegas.

Whilst the majority of my work is performed under NDA, occasionally I dabble in research outside of work. Here are some of my findings:

CVE-2011-0204: Apple ImageIO TIFF Heap Overflow
CVE-2011-0194: Apple ImageIO TIFF Image Integer Overflow
CVE-2011-1931: FFMpeg Out of Array Write in AMV Parsing
CVE-2010-1845: Apple ImageIO PSD Image Memory Corruption

Further details can be found at:
http://packetstormsecurity.org/files/author/5950/

Specialties
Product assessment, web application testing, infrastructure penetration testing, mobile application assessment & software security evaluations.

@@ Line 2: / Line 2: @@
 Notable achievements:
-- CHECK/CREST Team Leader since 2007
+* CHECK/CREST Team Leader since 2007
-- Lead author for the Mobile Application Hacker's Handbook (ISBN-10: 1118958500)
+* Lead author for the Mobile Application Hacker's Handbook (ISBN-10: 1118958500)
-- Founding director of MDSec
+* Founding director of MDSec
-- Subject matter expert for CompTIA Secure iOS Development examination
+* Subject matter expert for CompTIA Secure iOS Development examination
 Public speaking engagements:
-- Breaking Secure Mobile Applications, HackInTheBox 2014 KL
+* Breaking Secure Mobile Applications, HackInTheBox 2014 KL
-- Breaking Secure Mobile Apps, BSides MCR 2014
+* Breaking Secure Mobile Apps, BSides MCR 2014
-- Practical Attacks Against Encrypted VoIP Communications, HackInTheBox 2013 KL
+* Practical Attacks Against Encrypted VoIP Communications, HackInTheBox 2013 KL
-- iOS Application (in)Security, OWASP Manchester March 2012
+* iOS Application (in)Security, OWASP Manchester March 2012
-- Evaluating iOS Applications, OWASP Dublin February 2012
+* Evaluating iOS Applications, OWASP Dublin February 2012

@@ Line 1: / Line 1: @@
-I have over 10 years industry experience, the majority of which has been working in security. I have also continuously maintained CHECK Team Leader status since 2007.
+Security consultant, trainer and author with significant experience delivering engagements to financial, government and retail organisations.
-I have significant experience in delivering consultancy to organisations in the financial, government and commercial sectors. In addition to consultancy, I have provided training courses to a variety of audiences, including at the BlackHat security conference in Las Vegas.
+Notable achievements:
-Whilst the majority of my work is performed under NDA, occasionally I dabble in research outside of work. Here are some of my findings:
+Public speaking engagements:
-CVE-2011-0204: Apple ImageIO TIFF Heap Overflow
+Training engagements:
-CVE-2011-0194: Apple ImageIO TIFF Image Integer Overflow
+- The Mobile App Security Bootcamp, 44Con 2014
-CVE-2011-1931: FFMpeg Out of Array Write in AMV Parsing
+- The Mobile App Security Bootcamp, AppSecEU 2014
-Further details can be found at:
+Specialties: mobile security, C/C++/Java code review, reverse engineering, web application testing,  infrastructure penetration testing, vulnerability research and exploit development