Me, Myself and I

I started by teaching myself development on the Atari 1024ST (Casette decks!) and was fascinated that this tiny machine would execute logic that I succeeded in embedding into it. My interest was peaked.

As to Infosec, I started looking into the Information Security field as a hobby when I was around 15, it was around that time that I read about a Remote Access Tool called BO (cDC) in a German Paper magazine called "ct". I wanted to know all about it, why it worked and how it worked. Fast forward, in the late 90s I founded and maintained what must have been the world largest repositry of malware analysis and IOCs (the name for it didn't exist yet).

I analysed and reverse engineered tons of malicious code and back in the days analysis tools were not as advanced as they were today; in fact there weren't any publicly available. My results were covered by the the SANS Institute, various books and  commercial and non-commercial IDS rules.

It was during these years that I discovered that the field of Information Security is both very vast, interesting and developing at a rapid stance. Needless to say that it caught my attention ever since. Mid 2009 I founded G-SEC where I build up a local non-profit  Team of Security Specialists and create  interest in this profession for those that yet have to make a career choice.

I have over 18 years of background in information security, in non-operational, operational and second line of defence types of roles.  I engineered threat resistant architectures and systems,  managed development and information security teams, created ISM policies, lead and executed  penetration tests. My thirst for knowledge let me to discover hundreds of vulnerabilities in my free time, I engineered the first Bluetooth PIN Bruteforcer and found high-profile vulnerabilities within Microsoft, Oracle, Google and Apple software which led to IBM X-Force put me on the list of the  Top Vulnerability Discoverers of 2009.

I regularly presented at international security conferences and am a proud founding father of the CLSSP certification which I co-created during my role at the European ISC2 CSSLP advisory board.

I also jumped on  the "Certification Bandwagon" and am a Certified Lead Risk Manager (ISO 31000), a Certified Cybersecurity Manager, a Certified Secure Development Lifecycle Professional and a Certified Data Protection Officer (PECB).

Get in touch
I can be found on Twitter, Linkedin, Xing and can be reached via e-mail.

Tools and Releases
If you are lookint for Talks, Tools ,Whitepapers and Vulnerailities, look no futher  than here.