User:Thornmaker

I am a Senior Application Security Researcher working to help developers build better applications. I am skilled in Penetration Testing, Threat Modelling, Web Application Security, Product Security, and Secure Architecture. I started with a MSc in Mathematics from the University of Utah and have since accumulated 12+ years of experience in the application security space.

As a consultant, I have performed penetration tests on all types of software including desktop, web, firmware, mobile and cloud applications. As a Security Engineer, I have also worked to defend these types of applications. This work has included managing security testing programs, integrating SDLC best practices into agile and devops teams, and leading incident response for zero-days. As a Researcher, I currently investigate vulnerability classes, write specifications, and create tools to help improve Synopsys' suite of automated security tools (DAST, SAST, IAST).