Andrey Petukhov has been doing R&D in the area of information security at Moscow State University since 2003. He participated in various R&D projects, such as:
1. Development of the distributed intrusion detection system. REDSecure project.
2. Development of the methodology for assessment of web application security using white-box testing approach. Static and dynamic analysis of web applications. Integration of dynamic analysis and penetration testing. Some of the results of this project were presented at OWASP Application Security Conference in Ghent, Belgium, 2008.
3. Development of the methodology for assessment of web application security using black-box testing approach.
Andrew is also involved in teaching and training at Moscow State University: he has developed and holds a course on managing information security risks; he is a co-lead of «Information Security» profile workshops for the students of the Computing Systems Lab.
For the last two years he has been an out-of-staff instructor delivering information security related courses for certified Cisco Systems learning partners. From time to time he has conducted vulnerability assessments of web applications as a freelancer