Founder of secmatics.com. Currently building automated vulnerability analysis technology and blogging about actively exploited vulnerabilities.

Spent 25 fun-filled years in application security and product development.

Built and ran the product security, certification and incident response teams at Citrix.

Once accidentally found a CVSS 10.0 kernel-mode RCE in Windows (CVE-2015-1635) while trying to figure out why a test deployment wasn't working.