Since completing a PhD in Information Security, Dan has spent four years working within the IT security field. In December 2008, while living in London, he joined Context as a Security Consultant where he has focused primarily on web application and external infrastructure penetration testing. He has also had exposure to a number of other areas including auditing (especially BACS), internal infrastructure penetration testing and host reviews. Dan is currently focused on web service testing and conducting research into cryptographic attacks against web applications. In April 2010, Dan returned to Melbourne as the first member of Context's now expanding Australian presence.
Prior to joining Context, he worked as a security consultant for Certitude, a Melbourne-based security consultancy firm specialising in risk analysis, business continuity and security policy. He has also spent time working as a freelance web security consultant and as a software developer.
PhD in Information Security, Monash University, Australia
Dan's research involved analysis of the design of a security-focused operating system, in which he identified a number of cryptographic vulnerabilities and showed how they could be leveraged into practical attacks. After resolving these vulnerabilities, he formally proved that a range of security properties held for the modified system.
BSc (Hons) Computer Science (First Class), University of Edinburgh, Scotland
For his final year thesis, Dan developed tools for the high-level 3D modelling of protein systems.