Andrey Petukhov has been doing R&D in the area of information security at Moscow State University since 2003. He participated in various R&D projects, such as:
1. Development of the distributed intrusion detection system. REDSecure project.
2. Development of the methodology for assessment of web application security using white-box testing approach. Static and dynamic analysis of web applications. Integration of dynamic analysis and penetration testing. Some of the results of this project were presented at OWASP Application Security Conference in Ghent, Belgium, 2008.
3. Development of the methodology for assessment of web application security using black-box testing approach.
He is also involved in teaching and training at Moscow State University. He has developed several courses, such as «Managing information security risks for organizations» and «Building Corporate Networks». These courses are delivered by their author. Also, he is a co-lead of «Information Security» profile workshops for the students of Computing Systems Lab.
For the last two years he has been an out-of-staff instructor delivering information security related courses for certified Cisco Systems learning partners. From time to time he has conducted vulnerability assessments of web applications as a freelancer