Authors

Alexander Polce Leary

Alexander Leary holds a BS in Information Security and Forensics from the Rochester Institute of Technology and graduated Summa Cum Laude. Alexander has been involved in information security consulting for over 5 years. Prior to becoming involved in computer security, Alexander worked as a system administrator, network administrator, and web developer. Alexander specializes in network penetration testing and email phishing. Alexander is also involved in the research and development of various tools and frameworks including PowerShell Empire.

Antti Rantasaari

Antti is both a network and application penetration testing expert. He is a resource for other team NetSPI members and has found numerous zeroday vulnerabilities. Though he started as a network penetration tester, he has become one of NetSPI’s lead application security experts and is a lead contributor to NetSPI’s repeatable web application penetration testing process. He has presented on and created a number of techniques for leveraging database technologies for penetration testing. Antti has an MS in Computer Science from the University of Helsinki in Finland and has over 8 years of computer security consulting experience.

Cody Wass

Cody has a BS in Computer Science from North Dakota State University. At NetSPI, Cody's primary duties include network, web, mobile, and thick applications. He also helps develop scripts and plugins for the NetSPI penetration testing team. Cody has previously spoken at BSidesLV and Secure360, and currently holds the GXPN certification.

Deke George

Deke George, a co-founder of NetSPI, is a business-oriented IT executive. He has significant entrepreneurial experience as both a member and founder of multiple startups. He began his career as a founder of the computer forensics program at Ontrack (now Kroll-Ontrack). In this capacity, he has worked on high-profile computer fraud and computer evidence cases in the United States and abroad. As an entrepreneur with a focus on creating client oriented solutions, Deke has been involved in a variety of roles including consultant, sales, and leadership for a number of technology based organizations. Deke holds a B.A. in Physics from Middlebury College in Vermont.

Eric Gruber

Eric has a BS and a Master's in Computer Science from the University of Minnesota, focusing on networking, security, and software engineering. He has done work in the education, information technology, and information security industries, designing and developing software, maintaining information systems, and researching security topics. At NetSPI, Eric's primary duties include network, web application, thick application, and mobile penetration testing. He also helps develop applications and scripts for the NetSPI penetration testing team. Eric currently holds the GCIH and GXPN certifications.

Eric H

Eric has over 15 years of information security experience including network engineering, UNIX administration, and consulting. Eric specializes in network architecture and device security, secure storage, and virtualization technologies. Eric’s recent projects include administering a heterogeneous virtual environment based on VMware and Hyper-V server which directly supported a large MSSP and numerous Fortune 1000 customers. He also provided network and security administration and support for large multi-tenant networks in ISP and MSSP environments.

Gabriel Cogar

Gabriel’s primary areas of focus are web application, and thick application penetration testing. He has provided security services to a variety of industries; health care, financial, education, and retail. He also contributes to the research and development of tools used by the NetSPI penetration testing team. Gabriel currently holds several certifications, including the CISSP.

Jem Jensen

Jem graduated from WGU with a BS in Information Technology - Security. She holds a number of certifications, including CISSP, CCNA Security, and most of the CompTIA stack. Jem has over 15 years of information security experience in a number of industries and roles ranging from network administration, secure application development, and PCI compliance assessment. She has been with NetSPI since 2015 where her primary duties include web application penetration testing, mobile application penetration testing, and hardware penetration testing.

Jake Reynolds

Jake graduated with a Bachelors of Computer Science from the University of Minnesota, Twin Cities in 2016. His previous roles include internal penetration tester and web developer. At NetSPI, his daily work consists of consulting on web, thick, and mainframe applications. While also performing manual full-stack code reviews. He is always eager to automate and teach anything he can through new penetration testing tools and websites.

Karl Fosaaen

Karl specializes in network and web application penetration testing. Karl holds a BS in Computer Science from the University of Minnesota and has over a decade of consulting experience in the computer security industry. In that time, he has worked with a variety of industries; including financial services, health care, and retail. Karl holds the Security+, CISSP, and GXPN certifications. In his spare time, Karl has volunteered at conferences including DEF CON, THOTCON, and AppSec USA. Karl has previously spoken at BsidesPDX, THOTCON, AppSec California, and DerbyCon.

Kevin Robertson

Kevin Robertson holds a BS in Computing Security and Technology from Drexel University. Kevin has spent 20 years in IT with the last 5 years focused on penetration testing and tool development.

Matt Appel

Matt has a B.S. in Information Technology with an emphasis on Information Security from Minnesota State University, Mankato. For the last three years, Matt has primarily focused of web application, external penetration testing and internal penetration testing. Matt currently holds a GPEN certification and is currently pursuing his OSCP.

Mike Larch

Mike has a BS in Information Technology Security from St. Cloud State University. He has worked with companies in many industries, including information technology, healthcare, and financial services. At NetSPI, Mike's primary duties include web application and network penetration testing. He also contributes to the research and development of tools used by the NetSPI penetration testing team.

Patrick Sayler

Patrick is approaching ten years of experience in the information security industry with over five years dedicated to penetration testing. During this time he has worked across a wide range of industries, including aerospace, financial services, manufacturing, healthcare, retail, and biotechnology. He joined NetSPI in 2016 where he specializes in phone-based and on-site social engineering assessments.

Ryan Gandrud

Ryan has a BS in computer science from North Dakota State University. He has done work in the information technology, healthcare, financial services, and information security industries, maintaining information systems, and security research. At NetSPI, Ryan's primary duties include network, web application, and thick application penetration testing with extensive knowledge in email phishing. He also helps develop applications and scripts for the NetSPI penetration testing team.

Ryan Wakeham

Ryan leads NetSPI’s Assessment Team, which performs network and application penetration tests, code reviews, and infrastructure assessments. He also consults directly with clients on IT risk management and security program development projects. He brings to his work sound insight into security issues and the communication skills to effectively and thoroughly convey risks and recommended remedies to clients. Ryan has over ten years of computer security experience, seven of them with NetSPI. He holds a BA in Computer Science from Carleton College and an MS degree in Information Security from the Georgia Institute of Technology.

Scott Sutherland

Scott is currently responsible for the development, and execution of network penetration testing at NetSPI. His role includes researching and developing tools, techniques, and methodologies used during network and application penetration tests. Scott has been providing IT security services to medium sized to Fortune 50 companies for over 10 years. As an active participant in the information security community, Scott also contributes technical security blog posts, whitepapers, and presentations on a regular basis through NetSPI. Published presentations can be found here. Scott's most recent project is PowerUpSQL.

Thomas Elling

Thomas has a BS in computer science from Columbia University with a focus on software development and security. He has experience as an undergraduate researcher at the CU Network Security Lab. At NetSPI, Thomas primarily focuses on web application and network penetration testing. He also helps with research and tool development for the assessment team.

Vikram Kulkarni

Vikram has a MS in Information Security from Indiana University and a BS in computer engineering from India. His main focus is on Mobile and Web application security. His research is mainly present in Android and IOS security. At NetSPI, he has worked on Web, Network, Mobile and thick client penetration tests. Vikram currently holds the CCNA certificate.

Will Strei

Will graduated from the University of Minnesota with a BS in Computer Science with an emphasis in computer security. He has been with NetSPI for about two years now, and focuses primarily on web application penetration testing and related tool development. Since joining NetSPI, he has performed penetration tests for top US banks, healthcare software providers, and some of the leading cloud providers.