Justin Clarke Lead Author and Technical Editor Rodrigo Marcos Alvarez Dave Hartley Joseph Hemler Alexander Kornbrust Haroon Meer Gary O’Leary-Steele Alberto Revelli Marco Slaviero Dafydd Stuttard

v
exploiting, and correcting software security flaws. Prior to founding GDS, 
Mr. Hemler was a senior security engineer at Ernst & Young’s Advanced 
Security Center.
Mr. Hemler has authored source code analysis tools and written
multiple scripts for identifying and exploiting network and web
application vulnerabilities. He is a contributing author to books in
the area of application security, frequently blogs on the GDS Security 
Blog, and often speaks at various information security conferences and 
training seminars. Mr. Hemler graduated with a Bachelors of Business 
Administration from the University of Notre Dame.
Alexander Kornbrust
is the founder of Red-Database-Security.
He provides Oracle security audits, security training and consulting
to customers worldwide.
Alexander has worked since 1992 with Oracle and his specialties are 
the security of Oracle databases and secure architectures. Alexander has 
reported more than 300 security bugs to Oracle.
Alexander holds a masters degree (Diplom-Informatiker) in computer 
science from the University of Passau.
Haroon Meer
is the Technical Director of SensePost. He joined SensePost 
in 2001 and has not slept since his early childhood. He has played in most 
aspects of IT Security from development to deployment and currently gets 
most of his kicks from reverse engineering, application assessments, and 
similar forms of pain. Haroon has spoken and trained at Black Hat, Defcon,
Microsoft Tech-Ed, and other conferences. He loves “Deels,” building new 
things, breaking new things, reading, deep find-outering, and making up 
new words. He dislikes sleep, pointless red-tape, dishonest people, and 
watching cricket.
Gary O’Leary-Steele
(CREST Consultant) is the Technical Director of 
Sec-1 Ltd, based in the UK. He currently provides senior-level penetration 
testing and security consultancy for a variety of clients, including a number 
of large online retailers and financial sector organizations. His specialties 

vi
include web application security assessment, network penetration testing 
and vulnerability research. Gary is also the lead author and trainer for the 
Sec-1 Certified Network Security Professional (CNSP) training program 
that has seen more than 3,000 attendees since its launch.
Gary is credited by Microsoft, RSA, GFI and Marshal Software for the 
discovery of security flaws within their commercial applications.

Download 6,54 Mb.

Do'stlaringiz bilan baham: