Justin works as a security researcher with the University of Pennsylvania School of Arts and Sciences (SAS). In this capacity Justin performs software security code audits, penetration testing, incident response, security engineering, training, and policy compliance functions. In addition, Justin serves on a number of University committees including IT Privacy and the Network, System, and Data Risks (NSDR) working group. In 2008 Justin received the Models of Excellence award for his work on the Univeristy Security and Privacy Impact Assessment (SPIA).
Justin holds an MCIT degree from the University of Pennsylvania and an MA from James Madison University.
Justin is an active member of Infragard Philadelphia, the Educause Higher Education Information Security Council, and is one of the chapter leaders for OWASP Philadelphia. Justin regularly presents at local and national technical conferences on a variety of information security topics.
Justin's security specialty has always been guided by his experience as a programmer. He has worked in C, C++, Java, Perl, PHP, Python, Scala, Clojure, Prolog, and Lua. He works extensively with databases, virtualization, and Linux. Justin has worked on a number of open source projects, notably the Drupal content management system.
Justin's current interests surround the field of security intelligence, including the development of security intelligence collection and analysis software to assist in computer network infrastructure defense. This work includes the use of honeypots and passive information gathering and corrolation. Justin also works extensively with application security testing to discover new software security vulnerabilities and developing new exploits and patches to mitigate these attack vectors.