Co-founded and developed PolySwarm: a disruptive platform in the anti-malware / antivirus space that provides economic incentives for accurate malware detection.Architected initial system design, ensuring reliability, security, and compatibility with external anti-malware engines and services.Built and managed a 13-person development team, responsible for technical direction.Closed sales while acting as lead sales engineer.Coordinated with sales and marketing teams to ensure strategy and messaging alignment.Recruited 40+ anti-malware engine vendors - from large firms to individual experts.Fostered a community of 450+ malware reverse engineers from companies like Google, Kaspersky, Ernst & Young, SentinelOne, CrowdStrike, and many more.Participated in venture capital (VC) and other fundraising activities.Translated the technical value of PolySwarm for executive, sales, and general audiences via presentations, meetups and blog posts.

Reverse engineered (RE) and developed “uncooperative access” & “defensive implants” for ICS / SCADA devices (PLCs, HMIs) on behalf of DARPA’s RADICS program, providing tools to government & industry that enable rapid response to blackouts caused by cyber attack.Engineered “challenge binaries” that push the state of the art in autonomous program analysis (symbolic / concolic execution, fuzzing, control flow / data dependency graph reconstruction, etc) and exploit mitigations, discovered vulnerabilities in game infrastructure and ensured competition integrity on behalf of DARPA’s Cyber Grand Challenge (CGC).Developed a signature bypass and hooking framework for a commercial baseband. Used this framework to develop and inject a custom GDB stub, enabling on-device debugging.Authored and awarded DARPA Cyber Fast Track (CFT) proposals, delivering solutions that use partial homomorphic encryption to: (1) construct binary patches that are provably immune to reverse engineering and (2) conduct opaque network signature matching, enabling deployment of secret network signatures to untrusted sensors.

Held and remain eligible for a full scope Top Secret (TS) clearance.Limited information available upon request.

Developed templated mutational fuzzing tools and used these tools to discover and coordinate disclosure of remote code execution (RCE) vulnerabilities including CVE-2011-1591, Wireshark Bug #5722, and dozens of others.Authored definitive exploit for CVE-2011-1591 via an original exploitation method involving IP encapsulation, producing an exploit capable of impacting any target on the Internet despite the vulnerability residing in OSI layer 2 parsing.

Wrote custom vulnerable web applications and test cases for exploitation. Researched and rated emergent vulnerabilities; assigned them enforced PCI scores; offered expert opinion on which vulnerabilities violate PCI compliance.Wrote signatures & scripts that were material to McAfee's ASV accreditation.