Antimatter Security, LLC was founded by passionate members of the hacking community who are personally driven by the principle of improving security. Our Penetration Testers have intimate knowledge of enterprise development framework, web application vulnerabilities, social engineering, IoT, networking protocols, MiTM, multi-platform system administration, password storage, database systems, scripting, and essential security toolsets.Building InfoSec programs from the ground up for CEO’s and CISO’s. Blue Team (Splunk, SOAR, EDR, Vulnerably Management, DLP, Cloud). Providing key metrics and understanding the balance between velocity and security. In many cases speeding up production. We believe in the importance of personalized one-on-one interaction with our clients vs. the churn and burn approach of the competition. We pride ourselves on our commitment to identifying risk and strengthening your organization.Building InfoSec programs from the ground up(Company’s revenue in excess of 30 billion)Restructuring InfoSec programs for CEO/CISOConnections to fill any security role of the highest caliber (Black Hat, Defcon connections)Dealing with high level executives (CEO, CISO, VP, Board of Directors)up to 300 billion market capsBudgeting for entire programs (SOC, Vulnerability Management, Application Security, GRC, Pentest, Red Team, Incident Response) Zero Trust / Okta Compliance (NIST, SOC1, SOC2, SOX)FTC, SEC issues and remediation's Docker/Docker Compose/Kubernetes

Autonomous semi-trucks •Planned entire restructure of InfoSec Programo Consulted on SIEM/SOAR project o Restructured Vulnerability Management Programo Set up external automated scanningo Reviewed all policies and procedureso Implemented InfoSec budgeto Cloud Security o Docker/Kubernetes securityo Fixed critical public documentation o Pushed for security and controls on autonomous tractor trailers o Brought in critical people to fill crucial roles that the company could not fillo Worked with Chief Legal Officer on security issueso Spun up incidents and directly communicated them to the CEO and CTOo Consulting Just in Time Access •Developed entire Red Team program for the company network and autonomous trucks.o Architect reviews of corporate network and autonomous tractor trailerso Reverse Engineered key components of autonomous tractor trailerso Found multiple issues with autonomous trucks and autonomous vehicle technologyo RF hacking o Segmentation Attackso Physical Security on buildings and vehicleso Docker Security

• Built PCI Penetration Testing Program• Built Red Team Program o Purple Team o Simulated Breach Scenarios o Endpoint Protection o Mitre Attack Framework o Budgeting / Staffing• Ran Penetration Testing engagements on PayPal and PayPal business units toensure PCI compliance.• Developed and ran Red Team engagements on PayPal and PayPal businessunits.• Built Red Team Mentoring Program• Large Scale Environment

Restructured Application Security ProgramMapped Application Security testing to OWASP security testing guideImproved CI/CD security OWASP Top TenProduct Security Penetration Testing/Red Team/Purple TeamExternal perimeter, internal attack surface discovery and assessment. Engage on findings.Pentest new applications and updated applications for vulnerabilities using both automated and manual testing. Web and Mobile Applications. Oversee the bug bounty program. Process new reports. Shepherd existingissues into final remediation. Coordinate and validate remediation withproduct owner. Closeout tickets.Create new vulnerability tickets, shepherd existing issues, update, andcloseout tickets.Code analysis of new applications. Project Reviews Provide security education to developers.BSIMM

• Worked as a Security/IT Consultanto An early pioneer in enhancing company’s security postureo Setting up secure systemso Penetration Testingo Red Team o Vulnerability assessmentso Wifi assessmentso IoT testing o Exposing backdoors through war-dialingo Security research

• Worked as an Information Technology Specialisto I was vital in helping with Operation Buckshot Yankee, "deemed worst breach of U.S. military computers in history." o Cyber Security trainingo OWASP Top Ten o Ran multiple tiger teams on critical threats o Help identify cyber threats o Networking and routing configuration Cisco routers and switcheso Managed and configured a wide range of systems, servers and services • Worked in a Top Secret SCIF as a COMSEC custodiano Creation and destruction of Top Secret and Secret materialo Ensured devices were properly keyedo Served all of South Korea