About Dave
Startup Founder
As the Founder and Lead Engineer of multiple startups, my talents include managing business operations, marketing, and creating both SaaS and eCommerce services. These services include security products, commercial sales platforms, and a charitable, employment-based advertising platform.
Software Engineer
My experience brings over 23 years of software development and 17 years of security-focused engineering to enterprises. My portfolio includes the creation of security products, Python-based SaaS and commercial sales platforms, REST APIs, web services, backend infrastructure development, endpoint products, and more.
Security Researcher
As a security researcher, my work has progressed from incident response, to identifying indicators related to criminal campaigns, to researching state-sponsored APTs. I've combined this research with extensive Python & DevOps experience to produce deliverables essential for security intelligence work.
International Consultant
Advising colleagues in multiple countries across the globe, my 23 years of experience has helped mentor, support, and grow world-class talent within information security, software development, and business. This support has helped inspire lives, improve profits, and create a solid foundation to prosper.
Resume
Staff Security Analyst
Staff Security Analyst with Imply Data.
Senior Security Automation Engineer
Senior Security Automation Developer with Pfizer's Global Information Security Team.
- Engineering solutions to ensure compliance with data loss prevention policies
- Compliance-driven collection of mobile application data sent within the APAC region using Python bindings to C libraries, Splunk, Docker, Zookeeper, and Elastic
- Administering a Security Orchestration, Automation, and Response (SOAR) platform
- Providing automation support to incident response, threat intelligence, and insider threat teams
- Conducting code reviews and modernizing legacy infrastructure & engineering practices
- Assisting management and mentoring team members
Founder & Lead Engineer
- A YARA-based endpoint security product that alerted clients about files containing sensitive data & measured the length of exposure over time
- A GPS, WiFi & cellular-based mapping service
- A charitable, employment-based advertising platform tailored to the Republic of the Philippines
Security Research Analyst
Security Research Analyst on Arbor's Security Engineering & Response Team (ASERT).
- Reverse engineering malware, malware classification
- Contributing to the company's malware analysis infrastructure development
- Malware sinkhole development and product feed contributions
- Researching DDoS-related threats & developing mitigations
- Producing research & intelligence products for customers
- Briefing media & responding to law enforcement inquiries; point-of-contact for an ISAC
- Understanding threat-actor TTPs & providing attribution to campaigns
- Researching new malware families, criminal, and state-sponsored campaigns
- Presenting at private conferences
Incident Responder
Incident Responder in the Information Security Department at Southern Illinois University Carbondale.
- Identifying, containing, and monitoring the remediation of malware infections
- Working with departments to implement best security practices
- Developing a DNS-based sensor network to identify malware traffic
- Creating infrastructure to detect malware traffic signatures from third-party feeds
- Developing a passive DNS database; forensic analysis of compromised devices
- Reverse engineering malware; identity management & compliance audits
- Responding to law enforcement inquiries; contributing to the TDL working group
- Developing an endpoint security product
Research Contract
Contributing to the development of a communication paradigm for unmanned aerial vehicles.
Palm Pilot Application Development
Contributing to a Palm Pilot application for clinical researchers, enabling monitoring and recording of behavioral interactions between members of at-risk communities for a long-standing university study.
Employee
Repairing and assembling computers, removing malware infections, selling cellular phones, assisting customers, and installing satellite dishes in the Mendota, IL area.
B.S. Speech Communication
B.A. Political Science
Portfolio
Kayod.ph
Media & Research Coverage
Selected media, vendor, archival, and research references.
Bellingcat Research Reference
PunkeyPOS Analysis
Punkey / NewPOSthings Analysis
SecurityWeek Podcast with Ryan Naraine
Zeus Gameover Analysis
- Insert Coin to Continue: GameOver ZeuS Zombie MUTATES, Shuffles Back to Its Feet – The Register
- Infection Rate from Zeus Variant Grows 1879% – SC Magazine
- Zeus Gameover Variant is Back – ZeroSecurity
- Gameover Zeus Variant Begins Exponential Botnet Build – Infosecurity Magazine
- Bad Actors Rebuild from Scratch the Gameover Zeus Botnet – Security Affairs
- Researchers Discovered Another Modification of the GameOver ZeuS Trojan – SecurityLab
- Researchers Discovered Another Modification of the GameOver ZeuS Trojan – InternetUA
Point-of-Sale Malware Analysis
- Criminals Seeking More Buyers with All-In-One Malware – CSO Online
- After Neiman Marcus, Target Breaches – SC Magazine
- Soraya Malware Targets Payment Card Data – SC Magazine
- POS Malware on the Rise in Cyber Underground – SecurityWeek
- Retail Breaches Spread, POS Malware a Suspect – Security Ledger
- Soraya Malware Mixes Capabilities of Zeus and Dexter to Target Payment Card Data – SecurityWeek
- The Best Of Both Worlds – Soraya – VARIndia
- The Cyber Shield: Criminals Seeking More Buyers with All-In-One Malware – Coastline College Archive
